fa29b409199c87cf5f3aedbc1b9f61aa_JaffaCakes118

General

Target

fa29b409199c87cf5f3aedbc1b9f61aa_JaffaCakes118
Size

138KB
MD5

fa29b409199c87cf5f3aedbc1b9f61aa
SHA1

b882e0ecc9dc67e6d744e3e33c0393475885c566
SHA256

2f7d4d91e4df88d104fbb93b9895cc9ff31d9238e80a96e6047f9272c6fc4ac8
SHA512

91acf630f887c89fd842b1459de7c2f9031414441de7f78c4c0941318f33c340459580680033a17e8ee54e55e59808c773115bacd070c14e365f99986420c567
SSDEEP

3072:FnSNJa7n/VdpMmusBY1uMng1R7uV9FBnUxuJrTdkzGn0+AGGPY/T:FSQ/VdcsYa1R7+FxUxuKG0hDPe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa29b409199c87cf5f3aedbc1b9f61aa_JaffaCakes118

Files

fa29b409199c87cf5f3aedbc1b9f61aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

956ee3ffb69bcf4f103c0adc006bdded

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
GetDriveTypeA
FreeLibrary
TlsSetValue
TlsAlloc
GetModuleFileNameA
GetCurrentThreadId
GetStartupInfoA
TlsFree
IsValidCodePage
CloseHandle
TlsGetValue
GetModuleHandleA
Sleep
GetCurrentProcessId
VirtualAlloc
GetCurrentProcess
GetLogicalDrives
GetSystemDefaultLangID
GetCommandLineA
GetCurrentThread

user32

ReleaseDC
GetWindow
GetWindowTextLengthA
GetWindowLongA
GetFocus
GetDC
GetForegroundWindow
GetWindowTextA
ShowWindow
BeginPaint
CreateWindowExA
GetWindowDC
GetActiveWindow
UpdateWindow
RegisterClassA
GetClassLongA
IsWindowVisible
GetSystemMetrics
OpenIcon

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
GetUserNameA
IsTextUnicode
RegOpenKeyExA

version

VerQueryValueA
GetFileVersionInfoSizeA
VerLanguageNameA
GetFileVersionInfoA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

956ee3ffb69bcf4f103c0adc006bdded

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 76KB

.rsrc Size: 94KB - Virtual size: 96KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 76KB

.rsrc
Size: 94KB - Virtual size: 96KB