1320c457a070f554ecefed16651f3a5a_JaffaCakes118

General

Target

1320c457a070f554ecefed16651f3a5a_JaffaCakes118
Size

220KB
MD5

1320c457a070f554ecefed16651f3a5a
SHA1

505e9d9aeaa0c4c9dbe1afc04935e863eb5bdb40
SHA256

86abbd68a7cedd62b32dd49569daaf96b6efa3a33f0c2ed5a9c04f1ffbc970e5
SHA512

df6af88f54070c8e88c4a85026413257561686d3313e5a079c7601e2dd5967cd8b13f96fde32876c0dd9d4a09ac7236ee16f571451e1a2acc0f775daef947e64
SSDEEP

6144:XDfc7fL0DNn5Zg2HRAOAIBrdLl00T6DWKLC7kLIlOeF1o3:XDQgBn5i2RjK0+WfF1o3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1320c457a070f554ecefed16651f3a5a_JaffaCakes118

Files

1320c457a070f554ecefed16651f3a5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfdbdf52e153bff8aa97db6a242365a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
LockResource
SizeofResource
InitializeCriticalSection
VirtualProtect
VirtualFree
LoadLibraryA
VirtualAlloc
GetTickCount
GetProcAddress
GetModuleHandleA
OpenSemaphoreA
CreateFileA
LocalAlloc
lstrcatA
ExitProcess
SetEvent
Sleep
CreateTimerQueue
GetLastError
DeleteCriticalSection
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetStartupInfoA
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetSystemInfo

user32

LoadStringA
IsWindow
IsIconic

msvfw32

DrawDibEnd

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfdbdf52e153bff8aa97db6a242365a0

Headers

File Characteristics

Imports

kernel32

user32

msvfw32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 180KB - Virtual size: 179KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 180KB - Virtual size: 179KB