ce342f64a1f25032f6c28798b9d43341_JaffaCakes118

General

Target

ce342f64a1f25032f6c28798b9d43341_JaffaCakes118
Size

184KB
MD5

ce342f64a1f25032f6c28798b9d43341
SHA1

cbccd3cab8456cb042f3ac4826bc628c01e4cfda
SHA256

99483fa612cde8dabf46a62bca2e8336ab226cc3d60cbdfa54540f950013f490
SHA512

c0c443e760301696506b06e00dc04801fcb11e3693d48a74651d7d1fe4abf76627fb9254aebafeddf5dc4c3a7a3448c8225572acff1e3a2c8a199cb0936bcd96
SSDEEP

3072:XNBB/XE94EB454BcXjjQcAO5aem+95skagVg5VsXFN2ZPFScv5l:dBBfREB4G3BOQe7HskVW5Vsf6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce342f64a1f25032f6c28798b9d43341_JaffaCakes118

Files

ce342f64a1f25032f6c28798b9d43341_JaffaCakes118
.exe windows:4 windows x86 arch:x86

399a45c586c15f71a00cec05a7059c11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\vdev12\apg.pdb

Imports

kernel32

Sleep
VirtualFree
VirtualAlloc
LoadLibraryA
VirtualProtect
GetProcAddress
GetModuleHandleA
CloseHandle
SetFilePointer
GetLocaleInfoA
LCMapStringW
LCMapStringA
HeapSize
FlushFileBuffers
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
MultiByteToWideChar
HeapAlloc
GetSystemInfo
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
RtlUnwind
InterlockedExchange
GetStringTypeA
GetStringTypeW
ReadFile
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle

user32

ShowWindow
IsWindowEnabled

winscard

SCardEndTransaction

ws2_32

WSAStartup

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

399a45c586c15f71a00cec05a7059c11

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

winscard

ws2_32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 148KB - Virtual size: 145KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 80KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 148KB - Virtual size: 145KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 80KB