11dd98078e31a6770f7e1dfd00baa7f7_JaffaCakes118

General

Target

11dd98078e31a6770f7e1dfd00baa7f7_JaffaCakes118
Size

187KB
MD5

11dd98078e31a6770f7e1dfd00baa7f7
SHA1

654a004aa0df449c478d2b53b9ec0551388def9a
SHA256

447da45aba633ff5b637d96384fdf904de1f2bb9222e1fd16ab293a0618873da
SHA512

e038b858451b9e2b015542404602767a0663c87c6e8614e8b2d311f59dfacdaba044500db8fab0780bf07bb61e22eae2dd5a58210f6d0a840a79562107517571
SSDEEP

3072:NMwv8HRgGS+LA+Y3iWBTs1sgFleUgjmpSioNOiRN5bitTxKAY8wTzVmDDgAyp7th:iwv8HRgj+Lc/B4WSrXpS99MKpTsgA6cu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11dd98078e31a6770f7e1dfd00baa7f7_JaffaCakes118

Files

11dd98078e31a6770f7e1dfd00baa7f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4d5aadd02d4e1b79aa4e97ad0a8ff97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
FindResourceW
GetSystemTime
InitializeCriticalSection
lstrcmpiA
GetStartupInfoA
InterlockedCompareExchange
HeapAlloc
GetModuleFileNameA
GetVersion
GetACP
SetHandleCount
InterlockedIncrement
GlobalHandle
LeaveCriticalSection
SetEvent
SetStdHandle
CompareStringA
Sleep
LoadResource
WriteFile
SetConsoleCtrlHandler
GetLocaleInfoA
ExitProcess
GetTickCount
GetModuleHandleA
LoadLibraryA
CompareStringW
CreateMutexW
SetConsoleCP
GetThreadLocale
GetOEMCP
QueryPerformanceCounter
OutputDebugStringA
TerminateProcess
TlsSetValue
IsDebuggerPresent
SetLastError
HeapDestroy
VirtualProtect
GetFileSize
SetUnhandledExceptionFilter
GetCurrentProcessId

user32

IsRectEmpty
GetSystemMetrics
EndDialog
UnionRect
PeekMessageW
DestroyMenu
PtInRect
MoveWindow
DefWindowProcA
LoadIconW

msvcrt

_purecall
??2@YAPAXI@Z
??1type_info@@UAE@XZ

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4d5aadd02d4e1b79aa4e97ad0a8ff97

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 127KB - Virtual size: 184KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 127KB - Virtual size: 184KB

.rsrc
Size: 17KB - Virtual size: 16KB