JaffaCakes118_b526b75472f8a28f7f6d3e312c42bf0a

General

Target

JaffaCakes118_b526b75472f8a28f7f6d3e312c42bf0a
Size

201KB
MD5

b526b75472f8a28f7f6d3e312c42bf0a
SHA1

bba0f95cbd75ad089608304a4a8544b0d91da25e
SHA256

724fc1ac0e8251da0e6b6fd47775a6ebe31611ace9817c7664abec5aaa4610f5
SHA512

a676e793b2b2d81ea1663f1c8a784f8f541c34950b888d6cee1966f07febd2c2011c81fe22454447cf21a10ad9cce30d2ec0db3d91810c301b0fbdd96ec76a97
SSDEEP

6144:848dF+iU992jaPb+3QX1HbbfoJVPFP6sU:r8Y9eN3QXRbuVPf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b526b75472f8a28f7f6d3e312c42bf0a

Files

JaffaCakes118_b526b75472f8a28f7f6d3e312c42bf0a
.exe windows:4 windows x86 arch:x86

5b7703a7d1a9e52c881419a39a70190f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiberEx
FindClose
RemoveDirectoryA
GetFileAttributesA
lstrlenA
SetFileAttributesW
EscapeCommFunction
CreateDirectoryW
DeleteFileA
FreeLibrary
EndUpdateResourceW
CopyFileW
AreFileApisANSI
SetFileAttributesA
EnumResourceNamesW
CopyFileA
DeleteFileW
GetFileAttributesW
ReadFile
BeginUpdateResourceW
GetFullPathNameA
DebugBreak
OutputDebugStringA
FatalExit
LoadLibraryExW
RemoveDirectoryW
GetFullPathNameW
CreateDirectoryA
GetOEMCP
UpdateResourceW
LoadLibraryExA
GetFileInformationByHandle

shell32

CommandLineToArgvW

advapi32

CryptReleaseContext
CryptGetHashParam
CryptHashData
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash

imagehlp

ImageRvaToVa
ImageNtHeader
ImageGetDigestStream
ImageDirectoryEntryToData

psapi

GetProcessMemoryInfo

user32

wsprintfW
MonitorFromWindow
CharNextA
CharNextW

msvfw32

ICInfo

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b7703a7d1a9e52c881419a39a70190f

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

imagehlp

psapi

user32

msvfw32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 23KB

.lib Size: 512B - Virtual size: 52KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 23KB

.lib
Size: 512B - Virtual size: 52KB