3e37ae8bbcf1de497f58b5222f1906a6_JaffaCakes118

General

Target

3e37ae8bbcf1de497f58b5222f1906a6_JaffaCakes118
Size

143KB
MD5

3e37ae8bbcf1de497f58b5222f1906a6
SHA1

f9f9f57186a3571fc22cdc68d0762456e5c5d46e
SHA256

bff92e2fc02ec4b2808cdca014e2390703efb9e8c289fca87b972404fd35eb10
SHA512

eff805cf82047c0858691882659085e70854e076585a8e66083832c6303716d2ce216cae90d6e0224300069da4b5a774e4d639bb17fa958f0f4b52860265bd03
SSDEEP

3072:516VyuSL1vsMdNZ+wZtJz10jS53rYA1+NP/fDF1:T6DS6M/Z+wZtpmjS911e3DX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e37ae8bbcf1de497f58b5222f1906a6_JaffaCakes118

Files

3e37ae8bbcf1de497f58b5222f1906a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11ad150ad367470f21b115ac4c92148e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetOEMCP
GetLogicalDrives
FreeLibrary
GetFileSize
lstrcatA
lstrcpynA
GetFileType
GetCommandLineA
GetModuleHandleA
GetCommandLineW
lstrcpyA
GetLastError
lstrcmpiA
lstrcmpA
HeapAlloc
GetLastError
Sleep
GetStringTypeW
FreeConsole
DeleteFileA
FreeConsole
lstrcmpA
FreeConsole
GetLastError
FreeConsole
HeapAlloc
FreeConsole
GlobalFree
FreeConsole
lstrcatA
FreeConsole
GetStringTypeW
FreeConsole
GetLogicalDrives
FreeConsole
GetModuleHandleA

user32

GetCursor
AlignRects
CopyImage
AppendMenuW
GetWindowTextA
GetFocus
LoadCursorA
DrawIcon
GetMenu
CreateIcon
GetDlgItem
CopyRect
GetDC
CopyIcon
DrawIconEx
CloseWindow
AppendMenuA
DrawTextA
DialogBoxParamW
BlockInput
LoadMenuA
DialogBoxParamW
LoadCursorA
DrawIconEx
GetFocus
CopyImage
DrawTextA
EndDialog
CalcMenuBar
CopyRect
GetMenu
GetWindowTextA
AppendMenuA
AppendMenuW
CopyIcon
GetDC
BlockInput
DrawTextW
CloseWindow
LoadMenuA

Sections

.taxt
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.raata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eadta
Size: 2KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11ad150ad367470f21b115ac4c92148e

Headers

File Characteristics

Imports

kernel32

user32

Sections

.taxt Size: 23KB - Virtual size: 22KB

.raata Size: 105KB - Virtual size: 104KB

.eadta Size: 2KB - Virtual size: 134KB

.idata Size: 8KB - Virtual size: 8KB

.taxt
Size: 23KB - Virtual size: 22KB

.raata
Size: 105KB - Virtual size: 104KB

.eadta
Size: 2KB - Virtual size: 134KB

.idata
Size: 8KB - Virtual size: 8KB