fdc2de460d937d15c02d0886e8f5ed4c_JaffaCakes118

General

Target

fdc2de460d937d15c02d0886e8f5ed4c_JaffaCakes118
Size

181KB
MD5

fdc2de460d937d15c02d0886e8f5ed4c
SHA1

f37b723d5605ce1cec1bbbd540b434afb9c9ba12
SHA256

0d96c8a11fe748d1258fc20378d3e354fd468dd7ba9d07670497024b6fb03406
SHA512

756bb90f34bd55bb2e84e8530bd55e9aa8dc57302189530c2a0257d06397a0aa3fb58d3df3724beaf964e5581b8e118378c3eee3e95ec0483f72368313cadffd
SSDEEP

3072:e4m6UhoAvW8Xxxz5ETUUHZX5nVNKym9UunDuijCl2a2ErZZ:e/O8BxQHZJVoUuR+/2Er

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdc2de460d937d15c02d0886e8f5ed4c_JaffaCakes118

Files

fdc2de460d937d15c02d0886e8f5ed4c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a436e40b2ad6f6f68028341fc45ef08e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SetUnhandledExceptionFilter
VirtualAlloc
GetCurrentProcess
TerminateProcess
VirtualQuery
HeapCreate
ExitProcess
GetProcessHeap
VirtualFree
HeapFree
InterlockedIncrement
HeapAlloc
lstrlenA
UnhandledExceptionFilter
RtlUnwind
IsDebuggerPresent

user32

GetKeyboardLayout

shell32

SHGetFolderPathA
SHGetDesktopFolder

comctl32

ImageList_Destroy
ImageList_GetIcon
ImageList_Create
ImageList_DragLeave
ImageList_DragEnter
ImageList_SetIconSize
ord17
ImageList_DragShowNolock

shlwapi

PathAppendA

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a436e40b2ad6f6f68028341fc45ef08e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

comctl32

shlwapi

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 14KB - Virtual size: 480KB

.tls Size: 512B - Virtual size: 9B

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 14KB - Virtual size: 480KB

.tls
Size: 512B - Virtual size: 9B

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB