06a0bafbd2a0a0a1a17ffbfd99c998eb_JaffaCakes118

General

Target

06a0bafbd2a0a0a1a17ffbfd99c998eb_JaffaCakes118
Size

292KB
MD5

06a0bafbd2a0a0a1a17ffbfd99c998eb
SHA1

34b0a02004ee65b883d59e7f756fdfd7f080564b
SHA256

e1e1cebb7299f4c0a8ed42138475587c28cbd157c5046887da2d6593078881b7
SHA512

75abab3d4e18914ee850e8fe80bb252d0e3da9c1295bd67436ad6d560dfee423045eaa6c1b3b0d4cb9c84682785639a3b27f90d445fbb83ce982bff9c4f3cec1
SSDEEP

6144:/1IoZzfQO58fMOt9OE5bmPjvhGzTIduDTltt7ilU+70khzXZukPhBL:/1RpOPnZ0+Tl77ID

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06a0bafbd2a0a0a1a17ffbfd99c998eb_JaffaCakes118

Files

06a0bafbd2a0a0a1a17ffbfd99c998eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58cad4b9318f31340fffaf70dc873dbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
HeapSize
InterlockedDecrement
SetLastError
GetProcAddress
InterlockedIncrement
HeapReAlloc
Sleep
FreeEnvironmentStringsA
GetStdHandle
GetCurrentProcessId
TlsFree
SetSystemTime
GetEnvironmentStringsW
TlsGetValue
WriteFile
IsDebuggerPresent
GlobalGetAtomNameW
TlsSetValue
LeaveCriticalSection
GetLocaleInfoA
VirtualFree
FreeLibrary
GetUserDefaultLCID
IsValidLocale
WriteConsoleOutputCharacterA
GetStartupInfoA
GetSystemDirectoryW
GetVolumeInformationA
ExitProcess
GetTickCount
GetModuleFileNameW
TlsAlloc
HeapFree
GetCommandLineW
GetModuleFileNameA
GetTimeFormatA
LoadLibraryA
QueryPerformanceCounter
GetCommandLineA
VirtualAlloc
CreateMailslotW
FreeEnvironmentStringsW
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCurrentThread
GetFileType
GetOEMCP
SetConsoleCtrlHandler
UnhandledExceptionFilter
InitializeCriticalSection
GetACP
GetSystemTimeAsFileTime
GetDateFormatA
DeleteCriticalSection
GetPrivateProfileSectionNamesA
GetEnvironmentStrings
GetLastError
CompareStringW
SetHandleCount
LCMapStringA
GetTimeZoneInformation
CompareStringA
GetLocaleInfoW
SetEnvironmentVariableA
CommConfigDialogA
HeapDestroy
SetUnhandledExceptionFilter
GetProcessHeap
CloseHandle
InterlockedExchange
GetStringTypeA
GetStartupInfoW
GetCPInfo
LCMapStringW
EnumSystemLocalesA
EnterCriticalSection
IsValidCodePage
HeapCreate
HeapAlloc
MultiByteToWideChar
CreateFileW
SetPriorityClass
GetVersionExA
VirtualQuery
GetModuleHandleA

comdlg32

FindTextA
PageSetupDlgW
ReplaceTextW
GetOpenFileNameA
LoadAlterBitmap

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58cad4b9318f31340fffaf70dc873dbf

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 143KB - Virtual size: 143KB

.data Size: 142KB - Virtual size: 150KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 143KB - Virtual size: 143KB

.data
Size: 142KB - Virtual size: 150KB

.rsrc
Size: 6KB - Virtual size: 5KB