JaffaCakes118_001fe996c420617c66d5493a08d62f05

General

Target

JaffaCakes118_001fe996c420617c66d5493a08d62f05
Size

70KB
MD5

001fe996c420617c66d5493a08d62f05
SHA1

5cb96806c813893cd556f68d709c62f0ac8e3941
SHA256

2f9bf915d365578bf8139361f62fee2870b3502bc8a7687d572ab9fb3f9042d6
SHA512

3d3c18c37b2e871c87fed8edb5bc89ee3a2e299eefc2d3fe5828a590d89f53b3a508eef7474de130407b80d1a657c6a2bc6f118de89c2a631216a177a07f705b
SSDEEP

1536:jTpD5IhHN5e9l+1VuBy43XkYcxvjWc7duA8jK9Gs:ZNIhH7m2Ys4HkT5yrA8jK9Gs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_001fe996c420617c66d5493a08d62f05

Files

JaffaCakes118_001fe996c420617c66d5493a08d62f05
.exe windows:1 windows x86 arch:x86

72c63f3a446eb263b1a898da9ca24ae2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
HeapCreate
GetStartupInfoA
PulseEvent
Module32Next
TerminateProcess
GetProcessAffinityMask
GetSystemInfo
GetCurrentDirectoryA
lstrcpyA
GlobalAddAtomA
GetStringTypeA
GetProcessWorkingSetSize
GlobalUnlock
InterlockedDecrement
ReadFile
GetLocaleInfoA
ExitProcess
FileTimeToLocalFileTime
LCMapStringW
GetThreadContext
InterlockedIncrement
GetDriveTypeA
GetLastError
GetTickCount
TlsFree
ExitThread
FileTimeToSystemTime
GetFileAttributesA
QueryPerformanceCounter
HeapFree
SetThreadAffinityMask
GetModuleHandleA
LocalFree
lstrcmpiA
DeleteFileA

user32

GetDC
EndDeferWindowPos
DestroyIcon
InvalidateRect
SetWindowTextA
DrawEdge
IsDlgButtonChecked
RemoveMenu
DeleteMenu
DialogBoxParamA
GetScrollInfo
GetParent
GetPropA
CopyRect
wsprintfA
FindWindowExA
ModifyMenuA
DrawIconEx
BeginPaint
LoadImageA
EndDialog
GetCapture
CreatePopupMenu
GetWindowDC
DrawFrameControl
GetDlgItemTextA
IsDialogMessageA
GetDesktopWindow
GetUpdateRgn
ReleaseDC
DialogBoxIndirectParamA
IsWindowVisible
RegisterClassExA
SendMessageTimeoutA
DefWindowProcA
ShowWindow
FindWindowA
DefMDIChildProcA
UnionRect

msvcrt

__p__commode
_except_handler3
__getmainargs
__set_app_type
_adjust_fdiv
_acmdln
_controlfp
_exit
exit
memcpy
__setusermatherr
_initterm
_XcptFilter
__p__fmode

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72c63f3a446eb263b1a898da9ca24ae2

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 60KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 60KB

.rsrc
Size: 40KB - Virtual size: 40KB