cf972b7cb6859ead796e0c474f7e6d70_JaffaCakes118

General

Target

cf972b7cb6859ead796e0c474f7e6d70_JaffaCakes118
Size

524KB
MD5

cf972b7cb6859ead796e0c474f7e6d70
SHA1

5be4e18514824bdd645e0be0aa73e9d46bbe1b3a
SHA256

c05b5399ef0ff8e8131e4f2798aa5b53fec9e770ee9bdeafea7c731e5366cbdc
SHA512

62948f20cb9f2ccb2331b33e0cc03ac36e390b2c71dcd9bb885b5dcd098bcd548ea4678761ab69285ce468fb98703dd33adad3e530f81e53cc7225440548bb44
SSDEEP

12288:2kSEd8EeQqxaCSp5jx9B1PqpWkcN/tBYGeyheoHiDQLjLBym:2b/xa55jTqN2cyheIcc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf972b7cb6859ead796e0c474f7e6d70_JaffaCakes118

Files

cf972b7cb6859ead796e0c474f7e6d70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

002b554ee5b8b2c1dbff2c838b64c47e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
GetCurrentThreadId
FormatMessageA
FindClose
VirtualFree
GlobalAlloc
FindResourceW
FreeLibrary
GetModuleHandleW
GlobalLock
CloseHandle
GetCurrentProcess
SetUnhandledExceptionFilter
InterlockedExchange
lstrcmpA
GetModuleHandleA
GetStringTypeA
lstrlenA
GetProcessHeap
GetProcAddress
FreeEnvironmentStringsW
MultiByteToWideChar
SetErrorMode
GetCommandLineW
LocalAlloc
HeapSize
FileTimeToLocalFileTime
GetStartupInfoA
GetModuleFileNameA
LoadLibraryA
GetVersionExA
IsDebuggerPresent
GetExitCodeProcess
WaitForSingleObject
GetModuleFileNameW
SetHandleCount
LCMapStringW
GetLastError
HeapAlloc
VirtualAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
GetStringTypeW
LCMapStringA

user32

TrackPopupMenu
RegisterClassA
GetDlgItem
SetWindowTextA
SetWindowLongA
GetWindowRect
GetSystemMetrics
ShowWindow
DestroyMenu
BeginPaint

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 464KB - Virtual size: 466KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

002b554ee5b8b2c1dbff2c838b64c47e

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 464KB - Virtual size: 466KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 464KB - Virtual size: 466KB

.rsrc
Size: 4KB - Virtual size: 1KB