f6f76d3cc968545200185beefb8e0f1d_JaffaCakes118

General

Target

f6f76d3cc968545200185beefb8e0f1d_JaffaCakes118
Size

488KB
MD5

f6f76d3cc968545200185beefb8e0f1d
SHA1

52f043cf7d74508268d19373b7f50c74a186779e
SHA256

1dc29df6878bec63202f8ce5e9ea10313a5161b074616528893135b5ee3f0126
SHA512

55545ff46cfc4178660a21f30f81fb70f9cb215ae8bf0937ba42932b23fca7a968868c5c2143ee54dcbf90fa1d773ddbdb47e9e38b9f20aa35282443c1d62a08
SSDEEP

12288:oA9NAMQB0fRhfO1jTnTjMZYWsPTFzRCt34scb/an2cn:/OB0JhfOBT33WsJM+O2cn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6f76d3cc968545200185beefb8e0f1d_JaffaCakes118

Files

f6f76d3cc968545200185beefb8e0f1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7597bf8a1dabd1988bd71ee08e0b2fe7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetCurrentThreadId
CreateFileA
SetEndOfFile
FormatMessageA
InterlockedDecrement
CreateProcessW
CreateFileW
HeapCreate
HeapReAlloc
CompareStringA
WriteFile
SetUnhandledExceptionFilter
ReadFile
DeleteCriticalSection
SetFilePointer
GetStringTypeA
MapViewOfFile
SetStdHandle
GetProcAddress
GetCommandLineA
SetErrorMode
DeleteFileA
LockResource
GetCurrentProcessId
VirtualFree
LoadLibraryA
GetFileAttributesW
FlushFileBuffers
GetEnvironmentStringsW
GetVersionExA
TlsAlloc
IsBadWritePtr
HeapAlloc
HeapDestroy
QueryPerformanceCounter
GetOEMCP
WaitForSingleObject
GetModuleFileNameW
lstrlenA
GetSystemInfo
HeapFree
GetProcessHeap
VirtualAlloc
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
RtlUnwind
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

user32

GetClientRect
GetWindowLongA
LoadStringA
GetKeyState
GetDC
EndDialog
EnableWindow
IsWindow
GetSystemMetrics
UpdateWindow

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 432KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7597bf8a1dabd1988bd71ee08e0b2fe7

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 432KB - Virtual size: 428KB

.data Size: 20KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 432KB - Virtual size: 428KB

.data
Size: 20KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 2KB