c24beda407f9997e3391c9d2e7d3de31_JaffaCakes118

General

Target

c24beda407f9997e3391c9d2e7d3de31_JaffaCakes118
Size

36KB
MD5

c24beda407f9997e3391c9d2e7d3de31
SHA1

386b3a7d71d5eeebdd2730d05a85f8a8ce60734c
SHA256

1c9ea80cc368f6ff4727226f6802ad82902bcde3a896d024765bcf74de233b2a
SHA512

0721b839d361c56f78bc61cd74a0a238b059034291f1b0dc822c2683b74cffaf1c1df72e4cb0330ca8dcc86fee451b0c2ad10e472ea004fccdedde4fb1d2e13c
SSDEEP

384:gzBV3g3WIUGYvW8RZmwzMtL1ymWWWWWWWWWWWWWWWWWWWWWWWWWWW+J1Atdw444F:g/3ghkvW8rUyOwtdw4fCa1Qi+0jm+D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c24beda407f9997e3391c9d2e7d3de31_JaffaCakes118

Files

c24beda407f9997e3391c9d2e7d3de31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4147652c551293401308e187e72d24ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileTime
IsBadCodePtr
UpdateResourceA
GetComputerNameA
GetFullPathNameA
lstrcmpA
GetThreadLocale
MapUserPhysicalPagesScatter
CreateNamedPipeA
SetTimerQueueTimer
FindClose
GetSystemDirectoryA
GetSystemWindowsDirectoryA
EnumResourceLanguagesA
IsBadWritePtr
DeleteTimerQueueEx
SetLocaleInfoA
HeapValidate
GetStartupInfoW
QueryPerformanceCounter
FreeLibraryAndExitThread
SetConsoleKeyShortcuts
GetCurrentProcessId
IsDebuggerPresent
GetDriveTypeA
GetCalendarInfoA
MoveFileExW
SizeofResource
CallNamedPipeA
ExpandEnvironmentStringsA
GetConsoleCP
SetComputerNameA
LoadLibraryA
CreatePipe
GetCommMask
GetCPInfo
GetFullPathNameA
SetThreadPriority
GetConsoleWindow
GetConsoleTitleA
ReadConsoleOutputCharacterA
GetLocalTime
GetCurrentProcess
GetNumberOfConsoleFonts
GetProcessShutdownParameters
ResetEvent
PeekNamedPipe
GetProcessHeap
GetVolumePathNameA
GetFileAttributesExA
GetTempPathA
CopyFileExW
OpenSemaphoreA
OpenMutexA
SetErrorMode
OpenJobObjectA
GetFileInformationByHandle
_lwrite
GetVolumeNameForVolumeMountPointA
WaitForSingleObject
GetProcessHandleCount
GetStartupInfoA
FlushConsoleInputBuffer
GetDefaultCommConfigA
SetFilePointer
GetConsoleTitleA
GetPrivateProfileSectionNamesA
VirtualAlloc
GetCompressedFileSizeA
ClearCommError
GetOverlappedResult
VerifyVersionInfoA

gdi32

GetTextExtentPoint32A
MoveToEx

Exports

Exports

Jycnrghq
WriteYkmpydfxoy
Mrfrpbuqxax
InitBxtnkuqria
CreateLrfiqjjquga

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4147652c551293401308e187e72d24ea

Headers

File Characteristics

Imports

kernel32

gdi32

Exports

Exports

Sections

.itext Size: - Virtual size: 2KB

.text Size: 13KB - Virtual size: 12KB

.rsrc Size: 22KB - Virtual size: 22KB

.itext
Size: - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 22KB - Virtual size: 22KB