dee47ddf60050bef2ea9c3155842a760_JaffaCakes118

General

Target

dee47ddf60050bef2ea9c3155842a760_JaffaCakes118
Size

172KB
MD5

dee47ddf60050bef2ea9c3155842a760
SHA1

097eba70cc797fe3ba34f96d2088875ddf4d5c72
SHA256

c80acbed42675774d4873a9a5e0336f0b0d6e4d327d7a7175161307666c64970
SHA512

188c96b128f0e887ccfb13365489b60173a4514063b3c98092cfcb92aa796010830a804d2fcf97c7e75be81c6af632ccd7200def7048a8e0c3cf6c0a277a0b91
SSDEEP

3072:z11dlP/cP4YKC2vSIHhssPx22fFbrZkYM3DoB3:zPoeaIHhdPU2fFHv4A3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dee47ddf60050bef2ea9c3155842a760_JaffaCakes118

Files

dee47ddf60050bef2ea9c3155842a760_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f53e674f108e3a3c5e993c4429b44c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
GetModuleHandleA
GetLastError
PulseEvent
SuspendThread
FileTimeToLocalFileTime
ResetEvent
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
HeapReAlloc
HeapCreate
HeapDestroy
GetFileType
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetSystemInfo

user32

EnumThreadWindows
DrawTextA
LoadAcceleratorsA
BeginPaint
EndPaint
DefWindowProcA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
InSendMessage

shell32

SHGetFolderPathA

psapi

GetModuleBaseNameA

gdiplus

GdipCreateFromHDC
GdipDeleteGraphics
GdiplusShutdown

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f53e674f108e3a3c5e993c4429b44c2

Headers

File Characteristics

Imports

kernel32

user32

shell32

psapi

gdiplus

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 44KB - Virtual size: 42KB

.rsrc Size: 96KB - Virtual size: 181KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 44KB - Virtual size: 42KB

.rsrc
Size: 96KB - Virtual size: 181KB