JaffaCakes118_e3a8d7e8cda02243bb9c186cb741216c18d845683a6cdca2117866c7f103e6cf

General

Target

JaffaCakes118_e3a8d7e8cda02243bb9c186cb741216c18d845683a6cdca2117866c7f103e6cf
Size

897KB
MD5

73fcd0d25a449025c36cb0a7b41ac194
SHA1

7fdbdef1d22ca82a4a32ac3ca9ff1540fafd0e0c
SHA256

e3a8d7e8cda02243bb9c186cb741216c18d845683a6cdca2117866c7f103e6cf
SHA512

cb6870e481b3567c53d7f6a09d88bac0a2c51ab572ac77cd6552545c3335ecaaff856aa4cbc45bd8f7c1dcf4ff72f0a7dafc679e3554816ecead02a1025333b8
SSDEEP

12288:xoI9bkG8Si/EB3hUgGL0o6ImasLOlMS9mfzID6nwg575IYh1gXPwbnfh4N1N1yXW:xp9bkGq8BOhIc9kcOwg575P1BnyK0UO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e3a8d7e8cda02243bb9c186cb741216c18d845683a6cdca2117866c7f103e6cf

Files

JaffaCakes118_e3a8d7e8cda02243bb9c186cb741216c18d845683a6cdca2117866c7f103e6cf
.exe windows:4 windows x86 arch:x86

d0231701be7f6bf24937c64f3407c6fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetEnvironmentStringsW
CreateMutexA
InterlockedDecrement
FoldStringW
GetLongPathNameA
GetDiskFreeSpaceA
GetOEMCP
GetACP
GetTickCount
GetCommandLineA
lstrlenW
ExitProcess
LCMapStringW
CreateThread
CloseHandle
FormatMessageW
GetCommandLineW
GetStdHandle
InterlockedExchange
CreateEventA
GetProcessHeap
GetModuleHandleW
GetStartupInfoA

user32

ReleaseCapture
CreateWindowExA
LoadCursorFromFileA
SetWindowTextW
LoadStringW
RegisterClassW
DefWindowProcW
LoadIconA
DestroyIcon
SetWindowLongW
UnregisterClassA
PostMessageW
CreateWindowExW
SetWindowPos
SendMessageW

gdi32

CreateDIBSection

shlwapi

PathGetDriveNumberA

opengl32

glGetError

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
sprintf

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 448KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0231701be7f6bf24937c64f3407c6fb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

opengl32

msvcrt

Sections

.text Size: 24KB - Virtual size: 22KB

.data Size: 448KB - Virtual size: 444KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 22KB

.data
Size: 448KB - Virtual size: 444KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 1KB