03624b225ffc9eb0f89727e981a7957f_JaffaCakes118

General

Target

03624b225ffc9eb0f89727e981a7957f_JaffaCakes118
Size

389KB
MD5

03624b225ffc9eb0f89727e981a7957f
SHA1

f68f8150c1e647e771075350249f9036fa1244a3
SHA256

fa88b4b7b91c4164b6e876091faca2cfe6a8ccda0608fef512c395cebc1da642
SHA512

f0700098716b8e5c4043f70cda8bf8307eeae08fc46c7048939dd6bb02d5bcba14e6f227719848cd70bf83a433021dc97b0086779f7c904db2aa5da095c5d6d8
SSDEEP

12288:4m0MoYbEhjsGDWBDuGCU9a/4yN4x/TUDT0N:4Me/6DuGCf/4yMUX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03624b225ffc9eb0f89727e981a7957f_JaffaCakes118

Files

03624b225ffc9eb0f89727e981a7957f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b49c2ccfb3e0b33234c334c5ba3f0b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
TlsFree
GetVersion
DeleteCriticalSection
GetProcAddress
GetCommandLineW
HeapReAlloc
VirtualFree
EnterCriticalSection
MultiByteToWideChar
GetCurrentProcessId
HeapAlloc
GetVolumeInformationA
GetModuleFileNameW
SetHandleCount
GetModuleHandleA
WriteFile
DeleteAtom
ReadConsoleInputW
InterlockedExchange
GetStdHandle
TlsSetValue
FreeEnvironmentStringsW
TlsGetValue
FreeLibrary
Sleep
IsBadWritePtr
GetConsoleTitleA
GetPrivateProfileSectionW
ExitProcess
GetTickCount
FoldStringW
UnhandledExceptionFilter
HeapFree
GetEnvironmentStrings
GetModuleFileNameA
TlsAlloc
LoadLibraryA
QueryPerformanceCounter
GetCurrentThread
VirtualAlloc
GetStringTypeW
FreeEnvironmentStringsA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetEnvironmentStringsW
GetStartupInfoA
HeapDestroy
LeaveCriticalSection
LoadResource
HeapCreate
GetCommandLineA
GetSystemTimeAsFileTime
GetFileType
TransactNamedPipe
CreateDirectoryW
GetLastError
GetStartupInfoW
SetCriticalSectionSpinCount
EnumDateFormatsW
InitializeCriticalSection

gdi32

GetTextExtentExPointA
FrameRgn
GetKerningPairs
EndPath
CreateFontW
CreateRectRgnIndirect
SetStretchBltMode
BeginPath
CreateFontIndirectA
TranslateCharsetInfo
GetGlyphOutline
GetRasterizerCaps
SetICMProfileW
EnumFontsW
DescribePixelFormat
SetViewportExtEx
SetBkColor
GetTextCharset
GetTextCharsetInfo
CreatePolygonRgn
EnumFontFamiliesExA
Arc
OffsetWindowOrgEx

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b49c2ccfb3e0b33234c334c5ba3f0b1

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 267KB - Virtual size: 289KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 267KB - Virtual size: 289KB

.rsrc
Size: 5KB - Virtual size: 5KB