f6542323becbcb44c581d65620e996aa_JaffaCakes118

General

Target

f6542323becbcb44c581d65620e996aa_JaffaCakes118
Size

172KB
MD5

f6542323becbcb44c581d65620e996aa
SHA1

bc555c6ee7ec72dd0478d80e2ab14b4caf841d7b
SHA256

d54701dc2b8a20b09e2dfc6bdda29727e4691280116a09ebf9f91a2619230061
SHA512

525af66a7b4f12a2deb9048014d91efb9e7dac61a96c12cc37914a20d39f3375f4a20af635c75462a9d198242be607a31d2235450e2d0b5c3ee5af1554b734db
SSDEEP

3072:djBCvX3xXDChbs25/WjuvW2LJPFDUf5zT7mdG7mkbAL9b:5B6Re1f5/luMJtDU5yqAB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6542323becbcb44c581d65620e996aa_JaffaCakes118

Files

f6542323becbcb44c581d65620e996aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55b7f665f22e5786b3f54be8e73d8a52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
WriteProcessMemory
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
CreateRemoteThread
VirtualAllocEx
GetProcAddress
GetModuleHandleA
Sleep
GetPrivateProfileStringA
ExitProcess
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetSystemInfo
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
InterlockedExchange
VirtualQuery
GetLocaleInfoA
VirtualProtect
GetSystemTimeAsFileTime

user32

DialogBoxParamA
GetDlgItemTextA
EndDialog
MessageBoxA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55b7f665f22e5786b3f54be8e73d8a52

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 132KB - Virtual size: 129KB