2f3c2c8ac163cb45b5df1688bf96577d_JaffaCakes118

General

Target

2f3c2c8ac163cb45b5df1688bf96577d_JaffaCakes118
Size

133KB
MD5

2f3c2c8ac163cb45b5df1688bf96577d
SHA1

09d7c20b1594b64923f5f0fe37ce8d594147a124
SHA256

6ef255c7dc2e5d2af5ba924622afac8bb47c721d9252494f7a1c0e5ae4f5a6ae
SHA512

108da901d6392232c7694c1edb80f1c8eedb1b368d889bfeb089fb5d6438486b2c97aee7271661a7562313681de3649899b84baf457d27fdade2b3fd6e1f09a8
SSDEEP

3072:l0wXXm02jkcp+JxdwDizaZqVuwA1Fl1g51YM860d5:vDhc8Jo2akVuwoFl1kLR0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f3c2c8ac163cb45b5df1688bf96577d_JaffaCakes118

Files

2f3c2c8ac163cb45b5df1688bf96577d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6581dc2c0cd4aebf5c1ab5c194b18f30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_Read
ImageList_Create
ImageList_GetBkColor
ImageList_Write
ImageList_DragShowNolock
ImageList_Draw

kernel32

SetFilePointer
FindClose
GetProcAddress
GetCurrentProcessId
CloseHandle
WaitForSingleObject
VirtualAlloc
LoadLibraryA
lstrcmpiA
SetLastError
DeleteFileA
ExitProcess
SetErrorMode
Sleep
GetOEMCP
GetCurrentThreadId
GetCPInfo
HeapAlloc
GetACP
GetCommandLineA
LocalFree
FreeResource
GetTempPathA
EnterCriticalSection

version

VerInstallFileA
VerFindFileA

user32

RedrawWindow
PostMessageA
GetMenu
GetDC
PeekMessageW
IsCharLowerA

Exports

Exports

_B8PyfN9eX8sVea@8

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lkdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6581dc2c0cd4aebf5c1ab5c194b18f30

Headers

File Characteristics

Imports

comctl32

kernel32

version

user32

Exports

Exports

Sections

CODE Size: 11KB - Virtual size: 11KB

.data Size: 11KB - Virtual size: 130KB

.lkdata Size: 105KB - Virtual size: 104KB

.idata Size: 1KB - Virtual size: 1KB

.jdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 11KB - Virtual size: 11KB

.data
Size: 11KB - Virtual size: 130KB

.lkdata
Size: 105KB - Virtual size: 104KB

.idata
Size: 1KB - Virtual size: 1KB

.jdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB