JaffaCakes118_5f9bc3f863bc51015db3a83222ff4d2e

General

Target

JaffaCakes118_5f9bc3f863bc51015db3a83222ff4d2e
Size

188KB
MD5

5f9bc3f863bc51015db3a83222ff4d2e
SHA1

efb5179bc4d034bd3343a1f0573ffe9d6d2d852a
SHA256

432bcc1338c4f448fe61779dad178f2c4489708a46a5bb06a7971eaa243f9b74
SHA512

8ca59654ad9bdd893974a783641c4f83ce183ddeb08413c48cd6eb8254f0f6064ebbd9410b1c5328be4c8f5852af6b4032efbd85162efd2a0bca92574940d108
SSDEEP

3072:z23OhUjSnWqeXbu3Xdp9CzyD688iY+EPH9N2BHwS8DwBmg5kyYjjwTrrrrrrE:632nWqeXbUJCG288i2HAQZCjCerrrrrr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5f9bc3f863bc51015db3a83222ff4d2e

Files

JaffaCakes118_5f9bc3f863bc51015db3a83222ff4d2e
.exe windows:4 windows x86 arch:x86

239a55fa9501e9c0037a61738158b254

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FlashWindow
wsprintfA
CharNextA
GetActiveWindow

kernel32

FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
CloseHandle
GetCurrentProcess
GetLastError
CreateDirectoryA
GetFileAttributesA
DeleteFileA
SetFileAttributesA
GetSystemDirectoryA
GetModuleHandleA
GetProcAddress
Sleep
ExitProcess
IsBadReadPtr
LoadLibraryA
GetCurrentDirectoryA
GetTempPathA
MoveFileA
SetFileTime
GetFileTime
GetModuleFileNameA
WriteFile
GetCurrentProcessId
CreateFileA
SleepEx
GetShortPathNameA
ExpandEnvironmentStringsA
CreateEventA
SetUnhandledExceptionFilter
GetCommandLineA
GetCurrentThreadId
GetStartupInfoA

shlwapi

SHDeleteKeyA

msvcrt

__CxxFrameHandler
rand
_ftol
_except_handler3
memset
memmove
??2@YAPAXI@Z
srand
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
_strlwr
_strupr

ws2_32

getprotobynumber
closesocket

Sections

CODE
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

239a55fa9501e9c0037a61738158b254

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

msvcrt

ws2_32

Sections

CODE Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 164KB - Virtual size: 166KB

.rsrc Size: 4KB - Virtual size: 3KB

CODE
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 164KB - Virtual size: 166KB

.rsrc
Size: 4KB - Virtual size: 3KB