3dde721bb3cd639fcafb26b968a6d0e0_JaffaCakes118

General

Target

3dde721bb3cd639fcafb26b968a6d0e0_JaffaCakes118
Size

274KB
MD5

3dde721bb3cd639fcafb26b968a6d0e0
SHA1

af366b18d78c6bd11791cf828302952d4b85523f
SHA256

05db483f27bd7da7b1815ae2a5bf5ae01527fbe2068522a6c776248bda3ed74f
SHA512

29ca338e97715965597c7383e5a625df2eb9f7f2bed245da11c197f75fd70f58a43f3d382a9c19f868769b2d9cdeb8ad4f6c16d64dd76611ed4657c9f3acb41f
SSDEEP

6144:Cm9eUk8CPtWpJXc2/qcSMfuCw0oiJ5rJKvxwiyaPHK:59eHeJscSMmCpoiJ5rMJxPHK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dde721bb3cd639fcafb26b968a6d0e0_JaffaCakes118

Files

3dde721bb3cd639fcafb26b968a6d0e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df6b92ca581eda8ca40a4ba6817b373b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetCommandLineA
VerSetConditionMask
Sleep
DeleteCriticalSection
SuspendThread
GetEnvironmentVariableA
GlobalHandle
GetCPInfo
EnumResourceNamesW
OpenProcess
DeleteTimerQueueTimer
LeaveCriticalSection
GetShortPathNameW
InitializeCriticalSectionAndSpinCount
GlobalAddAtomW
WinExec
Beep
CreateMutexW
CopyFileW
TlsAlloc
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetACP
GetOEMCP
GetCurrentThreadId
TlsSetValue
SetLastError
TlsGetValue
GetLastError
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

gugguqq
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

eqsiq
Size: 17KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ossyw
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df6b92ca581eda8ca40a4ba6817b373b

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 18KB - Virtual size: 18KB

gugguqq Size: 190KB - Virtual size: 190KB

eqsiq Size: 17KB - Virtual size: 18KB

ossyw Size: 47KB - Virtual size: 46KB

.text
Size: 18KB - Virtual size: 18KB

gugguqq
Size: 190KB - Virtual size: 190KB

eqsiq
Size: 17KB - Virtual size: 18KB

ossyw
Size: 47KB - Virtual size: 46KB