JaffaCakes118_7fc7d6e04c6c637a643e94d370aa1da8

General

Target

JaffaCakes118_7fc7d6e04c6c637a643e94d370aa1da8
Size

91KB
MD5

7fc7d6e04c6c637a643e94d370aa1da8
SHA1

758c5e9e152c73c8ae284644536b459092c175c0
SHA256

b7c0628c16246d847889cf48e0ab5f0adbc8e45606b1da47b2ca5f042f18139d
SHA512

bae2008103b03efd9b7686a1e1626f7c7f43a8294d602d741205aee69b45eb91d3e2221b859513de32aaa3de9b5dcee17c6f16ea258733660a10335717affb6b
SSDEEP

768:5ST+kCis89kYOolNumYFwiPJPCTKoNfOMJhUz1Iz0ghUz1Iz028hUz1Iz0thUz1O:2K5m4wiPw2oF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7fc7d6e04c6c637a643e94d370aa1da8

Files

JaffaCakes118_7fc7d6e04c6c637a643e94d370aa1da8
.exe windows:5 windows x86 arch:x86

4c1f0dbe6245a418c97c5ea2a16f6664

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
CreateThread
DebugBreak
DeleteFileA
DeviceIoControl
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetModuleFileNameA
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
CloseHandle
IsDBCSLeadByte
LoadLibraryExA
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OpenProcess
QueryPerformanceCounter
ReadFile
SetCommTimeouts
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WideCharToMultiByte
lstrcpynA
lstrlenW
GetStartupInfoA
GetSystemDirectoryA
lstrcatA
CreateFileA
GetTickCount
VirtualAllocEx

user32

SetClipboardViewer
SendMessageA
InvalidateRect
BeginPaint
GetClientRect
DefWindowProcA

gdi32

GetDeviceCaps
AddFontResourceA
CreateFontIndirectA

advapi32

RegOpenKeyExW

msvcrt

memcpy

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4c1f0dbe6245a418c97c5ea2a16f6664

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 22KB - Virtual size: 21KB

.text3 Size: 29KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

.text
Size: 22KB - Virtual size: 21KB

.text3
Size: 29KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB