0aaa73da30429eb2aec6e2b6118079ab_JaffaCakes118

General

Target

0aaa73da30429eb2aec6e2b6118079ab_JaffaCakes118
Size

155KB
MD5

0aaa73da30429eb2aec6e2b6118079ab
SHA1

0081addf67d30d74129c708fc51f4ed1de36ef89
SHA256

cee6e9ee7741d0a8c57970f3f802a379458d4dc8c0139525a8d1025b0f99f4a0
SHA512

0e9c1032b4316f9ce669293dbfead435e9598608c5e45dfb2fbe701f9c92657ddb3fc0826c4aa3f6a0d0f98478546b785c78085bc0349ed33beb2fd88951bd4d
SSDEEP

3072:nbAYFB2fRveHxVy9N+BHKS5nekEUaSvjSuq7weJWlTAzo:bdG0bqSVmRtl7wRAo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aaa73da30429eb2aec6e2b6118079ab_JaffaCakes118

Files

0aaa73da30429eb2aec6e2b6118079ab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd32fc2abfae89739ee300eb93b24434

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateMutexA
CreateThread
DeleteFileA
ExitProcess
GetCommandLineA
GetCurrentProcess
GetCurrentThread
GetFileSize
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapUnlock
InterlockedCompareExchange
InterlockedExchange
LoadLibraryA
LocalAlloc
LocalFree
LocalReAlloc
QueryPerformanceCounter
RaiseException
ReleaseMutex
RtlUnwind
SetThreadAffinityMask
SetTimerQueueTimer
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject

shell32

FindExecutableA
SHGetSettings
SHUpdateRecycleBinIcon

msvcrt

_errno
_except_handler3
_exit
_fsopen
_initterm
_ismbblead
_mbsicmp
_mbsnbicmp
_tempnam
_controlfp
exit
fclose
fwrite
memmove
memset
rename
sprintf
srand
wcslen
_chkesp
_cexit
_amsg_exit
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__getmainargs
_unlink
_XcptFilter

user32

SendMessageA
SendDlgItemMessageA
PostMessageA
MessageBoxA
GetDlgItem
EndDialog
EnableWindow
DdeConnect
UpdateWindow

Exports

Exports

MessageBoxChecked
ShowDeviceInfo
SteamGameServerStats
SteamGameServer_GetSteamID
Wiz_Validate

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd32fc2abfae89739ee300eb93b24434

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

msvcrt

user32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 32KB

.rdata Size: 99KB - Virtual size: 100KB

.data Size: 19KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 31KB - Virtual size: 32KB

.rdata
Size: 99KB - Virtual size: 100KB

.data
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 4KB