10b65e6587d7e8461508e8f41affd487_JaffaCakes118

General

Target

10b65e6587d7e8461508e8f41affd487_JaffaCakes118
Size

8.0MB
MD5

10b65e6587d7e8461508e8f41affd487
SHA1

25a92c05434f35112ebc9c188fc60547a81e63fe
SHA256

a74cd097fa21d37b5c037923c737edb0f8d8184945159f7a15bef3be102ba473
SHA512

caa28218b91c296e5a9b12966890275fef8b8b585d780e59a7b59f2c65d23a0961e0e826a0b5a84e80366834b25671c294101e399f9e61e0fb6beb82fbf6ada6
SSDEEP

196608:kLWkdNEZyUQ8yDuuKeqxz93MnOfL+uUCl:6Wk6yUXyDgxz9ffiM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10b65e6587d7e8461508e8f41affd487_JaffaCakes118

Files

10b65e6587d7e8461508e8f41affd487_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac2c5f261afca338baca3e41024b1c00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetVersion
TerminateProcess
GetCurrentProcess
LoadLibraryW
GlobalAlloc
GetThreadTimes
GetLastError
GetCurrentThreadId
GetLongPathNameA
GetProcAddress
LoadLibraryA
lstrlenA
Sleep
SetUnhandledExceptionFilter
RaiseException
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
ReadFile
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
CreateFileA
FlushFileBuffers
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
SetFilePointer
SetStdHandle

user32

UpdateWindow
RegisterWindowMessageA
IsWindowEnabled
PostMessageA
FindWindowA
GetScrollPos
GetGUIThreadInfo
LoadCursorFromFileA
LoadStringA
GetWindowWord
GetWindowThreadProcessId
RegisterHotKey
PeekMessageA
SetRect
GetScrollInfo

gdi32

CreateRectRgn

shlwapi

PathCombineA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 617KB - Virtual size: 617KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac2c5f261afca338baca3e41024b1c00

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 617KB - Virtual size: 617KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 617KB - Virtual size: 617KB