390785c2422f44721806d7799a99011e_JaffaCakes118

General

Target

390785c2422f44721806d7799a99011e_JaffaCakes118
Size

145KB
MD5

390785c2422f44721806d7799a99011e
SHA1

9a83d7f028ff0fbd6e31a5340dae038e27177f7e
SHA256

e8332082dcf03e9f548ee02f95e2437e646615418912b0feac886a800a6925f2
SHA512

6c15c570174e4d64128f3572ea84b056d51123aac0a0f8b28ca1f45b6bf323284ddef068a5897758caf595542201013142fbaf5b24635f326790cf7442a9f0db
SSDEEP

3072:ZXwWw7BADDuDvFiLen584C1WVS/DcNvX4WgbLc+M4oBD:ZXwj4SjFC6584C1mB9XhgbAdhR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390785c2422f44721806d7799a99011e_JaffaCakes118

Files

390785c2422f44721806d7799a99011e_JaffaCakes118
.exe windows:9 windows x86 arch:x86

511f22eb27a35da41b5e378ca2e98bef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
MultiByteToWideChar
VirtualFree
GetCurrentProcess
GetModuleHandleA
SetUnhandledExceptionFilter
VirtualFree
GetCurrentProcessId
GetModuleFileNameA
FindResourceA
GetCurrentProcess
GetTickCount
GetModuleFileNameA
LocalAlloc
LocalFree
GetCurrentThreadId
MultiByteToWideChar
GetModuleHandleA
GetModuleFileNameA
LocalAlloc
GetCurrentThreadId
GetCurrentProcessId
GetProcessHeap
WaitForSingleObject
GetACP
GetCommandLineA
GetModuleFileNameA
LocalFree
GetModuleFileNameA
GetProcessHeap
GetModuleHandleW

ntdll

NtAllocateVirtualMemory

user32

IsDlgButtonChecked
LoadImageW
BeginPaint
EnableMenuItem
CheckDlgButton
MoveWindow
LoadAcceleratorsW
SendDlgItemMessageW
GetMessageW
GetSystemMetrics
GetSysColor
GetSystemMenu
GetSystemMetrics
PostMessageW
SetWindowPos
EndPaint
GetCursorPos
KillTimer
EndPaint
MoveWindow
GetCursorPos
EnableMenuItem
CheckDlgButton
GetSysColor

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

511f22eb27a35da41b5e378ca2e98bef

Headers

File Characteristics

Imports

kernel32

ntdll

user32

Sections

.text Size: 10KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 4KB

.sdata Size: 129KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 152KB

.text
Size: 10KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 4KB

.sdata
Size: 129KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 152KB