070300a3ac48f952cf75a85ab237e51d_JaffaCakes118

General

Target

070300a3ac48f952cf75a85ab237e51d_JaffaCakes118
Size

234KB
MD5

070300a3ac48f952cf75a85ab237e51d
SHA1

120466ea9d1b59b6ae6b0635ceea1588e0855d4f
SHA256

1e3dcc137192cf744645511d7a325e7a1198ada8bda26ed424892091444ddf1d
SHA512

ad5d45ff5f6ec2afea7b0c3d51ba08f16389109cffb67c300405200ba488699b96106b1cf6906b601ecd560638761b1e00c71089582eaa1d7abaf89306e7d697
SSDEEP

6144:kHJiqIa7S+GRH3a++oDSjCGnvg0/NfkzqBPnw5:Uws79uXa+3uDnoml9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
070300a3ac48f952cf75a85ab237e51d_JaffaCakes118

Files

070300a3ac48f952cf75a85ab237e51d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de1b7456089d2e6d3bbeaab5298ec43e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
TlsFree
TlsSetValue
GetFullPathNameA
GetProcAddress
UnhandledExceptionFilter
HeapReAlloc
WriteFile
SetConsoleWindowInfo
HeapCreate
GetCurrentProcessId
HeapAlloc
GetShortPathNameW
GetEnvironmentStrings
HeapDestroy
GetModuleHandleA
VirtualFree
VirtualProtectEx
GetNumberFormatW
InterlockedExchange
GetLastError
SetHandleCount
LoadResource
MultiByteToWideChar
GetOEMCP
WriteConsoleOutputCharacterW
GetStdHandle
EnumSystemCodePagesW
OutputDebugStringW
ExitProcess
GetTickCount
TerminateThread
SetLastError
HeapFree
FreeEnvironmentStringsW
GetModuleFileNameA
IsBadWritePtr
LoadLibraryA
QueryPerformanceCounter
FreeEnvironmentStringsA
VirtualAlloc
WritePrivateProfileStringA
EnumDateFormatsW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCommandLineA
GetEnvironmentStringsW
GetStartupInfoA
GetVersion
GetLongPathNameA
TlsGetValue
DeleteCriticalSection
GetSystemTimeAsFileTime
GetCommandLineW
GlobalAddAtomW
GlobalUnlock
GetCurrentThread
GetFileType
GetCalendarInfoW
CreatePipe
GetStartupInfoW
LeaveCriticalSection
GetDriveTypeW
GetModuleFileNameW
EnterCriticalSection
SetFileAttributesA
TlsAlloc

user32

IsCharAlphaA
DrawCaption
GetClassLongA
PaintDesktop
GetProcessDefaultLayout
ChangeMenuA
AppendMenuW
GetUserObjectInformationA
IsMenu
WINNLSEnableIME
CallNextHookEx
GetDlgItemTextW
ChangeClipboardChain
GetCursor
IsRectEmpty
MsgWaitForMultipleObjects
DdeCreateDataHandle
UnregisterClassW
SendMessageW
FindWindowA
EqualRect
GetMenuStringA
GetThreadDesktop
ClipCursor

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de1b7456089d2e6d3bbeaab5298ec43e

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 121KB - Virtual size: 120KB

.data Size: 106KB - Virtual size: 116KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 121KB - Virtual size: 120KB

.data
Size: 106KB - Virtual size: 116KB

.rsrc
Size: 6KB - Virtual size: 6KB