0ba8df9aa67a17f88539b50ea3cfe829_JaffaCakes118

General

Target

0ba8df9aa67a17f88539b50ea3cfe829_JaffaCakes118
Size

540KB
MD5

0ba8df9aa67a17f88539b50ea3cfe829
SHA1

5f188856916b8438f9edae72c56e6ac90043602b
SHA256

b299f171405bbb1bc9fd74562bf54d047d8ec22e82f1ae718996b3e0b9fc2cad
SHA512

3722aea630d17ff9fe6785abde2937a7d30e7f120b63b17036e850ebbad5b818baa31e6f06a665afa1c775808665bbf5cf5e6e2c4175a2caa8b6d3d0b6ee6354
SSDEEP

12288:KzKMisp9ao4syRv5NWC5bUCk3Rlmf2O0:Kz338zZwBlmf2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ba8df9aa67a17f88539b50ea3cfe829_JaffaCakes118

Files

0ba8df9aa67a17f88539b50ea3cfe829_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb4a1f3cca8c3b076a947b5b61d89be4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem

kernel32

GetStdHandle
VirtualAlloc
GetFileType
Sleep
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
LocalFree
GetOEMCP
SetEnvironmentVariableA
GetStringTypeW
FindNextFileW
SetUnhandledExceptionFilter
InterlockedExchange
ReadFile
TlsFree
MapViewOfFile
GetCPInfo
GetCurrentThread
GetStringTypeA
GetProcAddress
GetCommandLineA
FreeEnvironmentStringsW
SetErrorMode
UnhandledExceptionFilter
WideCharToMultiByte
DeleteFileA
GetConsoleMode
GetCurrentDirectoryA
GetEnvironmentStrings
GetStartupInfoA
FreeEnvironmentStringsA
GetLocalTime
RemoveDirectoryA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
HeapDestroy
FreeLibrary
GetConsoleCP
GetModuleFileNameW
SetHandleCount
HeapFree
GetLastError
GetProcessHeap
ExitProcess
GetModuleHandleA
GetVersion
TerminateProcess
GetCurrentProcess
GetEnvironmentStringsW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
GetACP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 504KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb4a1f3cca8c3b076a947b5b61d89be4

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 32KB - Virtual size: 30KB

.data Size: 504KB - Virtual size: 500KB

.text
Size: 32KB - Virtual size: 30KB

.data
Size: 504KB - Virtual size: 500KB