3eab059b56479fdfef67b57a0badaa05_JaffaCakes118

General

Target

3eab059b56479fdfef67b57a0badaa05_JaffaCakes118
Size

68KB
MD5

3eab059b56479fdfef67b57a0badaa05
SHA1

42d113febca8d98fd0de47b435ead57cf27b0aff
SHA256

fd1eb6733636b8a5a0c2e41c684c3746b22321b65b941678633b92306d845d8a
SHA512

f991fc9b55b0e174ed76d0e02e1770f95a8e8c9561b4e85cb34a0d17e1f90d6def8d52f9fcc5f0607bac021552fe3cb600d594f6732db0d919027c362d64fddd
SSDEEP

768:fk6fPHoAlUKyGfgXiluCk27bAuXP7gce5VGkph0cMlXWyy0ru:DfPHo0UKI07Jgdioh0yyy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eab059b56479fdfef67b57a0badaa05_JaffaCakes118

Files

3eab059b56479fdfef67b57a0badaa05_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26c9b1bf7ec88978f89b1a00c99dff7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoA
FindResourceA
SizeofResource
Sleep
LoadResource

gdi32

CreateSolidBrush

mfc42

msvcirt

??1ifstream@@UAE@XZ
??_Difstream@@QAEXXZ
??_Dofstream@@QAEXXZ
??1ofstream@@UAE@XZ
?close@ifstream@@QAEXXZ
?put@ostream@@QAEAAV1@E@Z
?get@istream@@QAEAAV1@AAD@Z
??0ofstream@@QAE@PBDHH@Z
?open@ifstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
??0ifstream@@QAE@XZ
??1ios@@UAE@XZ

msvcrt

__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
fopen
_initterm
fgetc
fputc
fclose
_ftol
pow
fwrite
_setmbcp
_access
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_EH_prolog
__CxxFrameHandler
_makepath
fread
_mbscmp
_splitpath
_fsopen
fseek

shell32

ShellExecuteA

user32

ReleaseCapture
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
EnableWindow
wsprintfA

Sections

z0mB
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

26c9b1bf7ec88978f89b1a00c99dff7f

Headers

File Characteristics

Imports

kernel32

gdi32

mfc42

msvcirt

msvcrt

shell32

user32

Sections

z0mB Size: 60KB - Virtual size: 60KB

.rsrc Size: 4KB - Virtual size: 8KB

.avp Size: 2KB - Virtual size: 4KB

z0mB
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 4KB - Virtual size: 8KB

.avp
Size: 2KB - Virtual size: 4KB