102504028de14d960b0a0ebcab5311c1_JaffaCakes118

General

Target

102504028de14d960b0a0ebcab5311c1_JaffaCakes118
Size

186KB
MD5

102504028de14d960b0a0ebcab5311c1
SHA1

6f730e0eb70d5917ae5a1a10497b430629ad556a
SHA256

8b4ee5cec5f1b05ed8c257addeb0614366c713219c860feee2a3b323c9130075
SHA512

34d9a5e0177c5f4bf66a83aed7f463bc5f3c70dd1ffb67b4dbfcd053164f0e158b047ddbb39892fa6df453199f3eaefc2c6a2dd2e22d62411d9d8beaeba274f0
SSDEEP

3072:OzIkWOOOTM4c7m5p69vhObM6cOJQo+WPnqt5qY5JX7fj/n08QltSPn2kwlwLPjeS:pEbu7mrwUYfMQo+WPnEnv03t9lwL7eds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
102504028de14d960b0a0ebcab5311c1_JaffaCakes118

Files

102504028de14d960b0a0ebcab5311c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d976c1beabfdd7942d1d1fe24ed83f51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetFileSize
VirtualAlloc
GetModuleHandleA
ExpandEnvironmentStringsW
GetProcessHeap
CloseHandle
HeapDestroy
TerminateProcess
FindFirstFileW
lstrcpynA
Sleep
lstrcpyW
VirtualProtect
FreeEnvironmentStringsA
HeapAlloc
SetStdHandle
ExitProcess
WriteConsoleW
FindResourceExW
GetVersion
WriteFile
QueryPerformanceCounter
MultiByteToWideChar
GetCurrentThreadId
GetSystemTimeAsFileTime
SetFileAttributesW
lstrlenW
GetCPInfo
FindFirstFileA
GetTickCount
GetACP
FreeResource
GetStartupInfoA
GetConsoleMode
lstrcatA
TlsAlloc
GetOEMCP
RtlUnwind
GlobalAlloc
SetConsoleCP
GetProcAddress
SetHandleCount
InterlockedExchange

msvcrt

_stricmp
_amsg_exit
fflush
_onexit
_errno

user32

EnumThreadWindows
CallWindowProcW
SetWindowsHookExA
CloseClipboard
DrawIcon
GetWindow
PtInRect
CopyRect
DrawTextA
OffsetRect
LoadStringW
GetWindowLongA
GetDlgItem
MessageBeep
WindowFromPoint

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d976c1beabfdd7942d1d1fe24ed83f51

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 131KB - Virtual size: 188KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 131KB - Virtual size: 188KB

.rsrc
Size: 16KB - Virtual size: 16KB