d4383e8fd75b31d90f918988580a11b5_JaffaCakes118

General

Target

d4383e8fd75b31d90f918988580a11b5_JaffaCakes118
Size

426KB
MD5

d4383e8fd75b31d90f918988580a11b5
SHA1

d804826970dccfce3ebdfafdf3c7d2fee49fdd1a
SHA256

eaef9fd393bf226bed64feb82fcbabe1f552578876292e303a6557171aebd421
SHA512

b12d3498f8c0a5ebab8a271847d3a4f72870e120727c8f8c7c48d87f965b2ff0fb67bcb2e79de49501f80f0554b4317e76d06b8e0e032b783a2194b103ee54a7
SSDEEP

12288:J/oC6yPakrXD78yTMgxw2W3R+rzfJ52dN:JQFyPa4z78yTMgxXW3kR5G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4383e8fd75b31d90f918988580a11b5_JaffaCakes118

Files

d4383e8fd75b31d90f918988580a11b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

556b40649f8ad5d67941aa3ff9507bc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
HeapDestroy
InitializeCriticalSection
TlsFree
GetProcAddress
IsBadWritePtr
HeapReAlloc
TlsSetValue
CompareStringA
GetStartupInfoA
GetCurrentProcessId
VirtualFree
GetVersion
GetCurrentThread
VirtualProtect
GetModuleHandleA
IsValidCodePage
SetConsoleCtrlHandler
WideCharToMultiByte
MultiByteToWideChar
GetEnvironmentStringsW
GetTimeZoneInformation
DeleteCriticalSection
GetTimeFormatA
LCMapStringA
GetCompressedFileSizeA
GetLocaleInfoW
LocalShrink
WriteFileEx
ExitProcess
GetTickCount
lstrcmpA
UnhandledExceptionFilter
HeapFree
FreeEnvironmentStringsW
GetModuleFileNameA
GetStringTypeW
LoadLibraryA
QueryPerformanceCounter
FreeEnvironmentStringsA
VirtualAlloc
GlobalAlloc
CompareStringW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetACP
GetDateFormatA
GetLastError
SetHandleCount
WriteFile
HeapSize
EnterCriticalSection
GetSystemTimeAsFileTime
GetCPInfo
GetVersionExW
OpenFile
GetCommandLineA
GetEnvironmentStrings
WaitForDebugEvent
TlsAlloc
LCMapStringW
GetSystemInfo
GetDiskFreeSpaceExA
GetFileType
SetLastError
TransmitCommChar
HeapCreate
TlsGetValue
GetLocaleInfoA
CreateMailslotA
InterlockedExchange
GetStdHandle
GetOEMCP
EnumSystemLocalesA
LeaveCriticalSection
DeleteFiber
SystemTimeToFileTime
IsValidLocale
GetUserDefaultLCID
HeapAlloc
SetEnvironmentVariableA
GetVersionExA
WritePrivateProfileStructW

gdi32

GetBitmapBits
CreateScalableFontResourceA
GetStockObject
EnumFontFamiliesExA
GdiFlush
CopyMetaFileA
CreateMetaFileW
GetPath
ModifyWorldTransform
IntersectClipRect
GetObjectA
GetStretchBltMode

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

556b40649f8ad5d67941aa3ff9507bc1

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 147KB - Virtual size: 147KB

.data Size: 273KB - Virtual size: 272KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 147KB - Virtual size: 147KB

.data
Size: 273KB - Virtual size: 272KB

.rsrc
Size: 5KB - Virtual size: 4KB