43e488560beb1fcf8c8071ea93f687b8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43e488560beb1fcf8c8071ea93f687b8_JaffaCakes118
Size

292KB
MD5

43e488560beb1fcf8c8071ea93f687b8
SHA1

a22a117b0d7bc8e5e09b0676f4e06afbed6430e9
SHA256

d37818d59f52fcc884e68fcb53e4fddf31b98809ffc21c4371b9157af7dc2db3
SHA512

50caf5901578cb224edc8656eb980edf801d27f92c2faeff321df4c4783b229680a7c0eac48f4a3d6741e24ce36249ab8153309c078feba10814788ae30335bd
SSDEEP

3072:I3RHltYHnhDlCPuE8e0ZeSDjWa5ZUOlTkdshpO7TLhgXLjh9u3AbNHHQv7BNEiu:4FwhXEF0ZD/1Lzgdj/hgK3A5HY3E9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43e488560beb1fcf8c8071ea93f687b8_JaffaCakes118

Files

43e488560beb1fcf8c8071ea93f687b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b70c6458cde751e6ffce34ca19485262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetProcAddress
GetModuleHandleA
FindNextFileA
GetTickCount
TerminateThread
WaitForSingleObject
GetCommandLineA
FindFirstFileA
ReleaseMutex
GlobalFree
LoadLibraryA
GetEnvironmentStrings
SetStdHandle
GetLocaleInfoA
HeapSize
SetFilePointer
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCPInfo
VirtualAlloc
InterlockedExchange
VirtualFree
GetOEMCP
GetACP
ReadFile
Sleep
RtlUnwind
VirtualQuery
GetSystemInfo
ExitProcess
HeapAlloc
GetStartupInfoA
GetVersionExA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
RaiseException
HeapDestroy
HeapCreate
HeapFree
HeapReAlloc
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
MultiByteToWideChar
CloseHandle

user32

OpenIcon
IsIconic
LoadIconA
ShowWindow
LoadAcceleratorsA
GetTopWindow
FindWindowA
EnumWindows
PostMessageA

gdi32

SelectObject
GetPixel

psapi

GetModuleBaseNameA

avifil32

AVIFileInit

msvfw32

DrawDibStop

msacm32

acmDriverAddA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b70c6458cde751e6ffce34ca19485262

Headers

File Characteristics

Imports

kernel32

user32

gdi32

psapi

avifil32

msvfw32

msacm32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 8KB

.tls Size: 216KB - Virtual size: 214KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 8KB

.tls
Size: 216KB - Virtual size: 214KB

.rsrc
Size: 24KB - Virtual size: 22KB