e757d41766939459c9b47ed1fc147c43_JaffaCakes118

General

Target

e757d41766939459c9b47ed1fc147c43_JaffaCakes118
Size

227KB
MD5

e757d41766939459c9b47ed1fc147c43
SHA1

e6469df83ad18c5c2b0a1b5435f4a9ac2748f501
SHA256

e213e4b70faeb477c78042a3bfd3f60f7b731a81bc5622e63faa6e3b00c60d66
SHA512

814da071ec7a79b91b544fa912621363a7c74fff92d6d04992d782616d713898cfa7d72cf2854874a9392f15d742b5dbde96b5a414d27cceca8484c4f8d49da2
SSDEEP

6144:CyCD67WSs11Spj2cDqdMgUDhSiFhp7/s6zo1TW1c:CHJSsLSBtSizpjs60E1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e757d41766939459c9b47ed1fc147c43_JaffaCakes118

Files

e757d41766939459c9b47ed1fc147c43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

817833b8228d1daa6c03fece1ea38e59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
SetFileAttributesW
TlsSetValue
GetComputerNameW
RtlUnwind
HeapDestroy
VirtualUnlock
GetCurrentProcess
GetStartupInfoA
VirtualAlloc
WideCharToMultiByte
TlsFree
HeapReAlloc
GetEnvironmentStringsW
SetConsoleOutputCP
GetEnvironmentStrings
DeleteCriticalSection
VirtualFree
GetModuleFileNameA
FreeEnvironmentStringsA
HeapCreate
ExitProcess
GetCPInfo
GetVersion
LCMapStringA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStdHandle
FindResourceW
MultiByteToWideChar
QueryPerformanceCounter
GetPrivateProfileStringW
SetLastError
SystemTimeToTzSpecificLocalTime
VirtualQuery
GetCurrentThreadId
WritePrivateProfileSectionA
HeapAlloc
GetLastError
HeapFree
GlobalFix
WriteFile
GetCurrentProcessId
RtlFillMemory
InitializeCriticalSection
GetStringTypeA
TryEnterCriticalSection
LeaveCriticalSection
ReadConsoleA
GetCommandLineA
IsBadWritePtr
EnterCriticalSection
TlsAlloc
UnhandledExceptionFilter
RtlMoveMemory
lstrcatW
GetModuleHandleA
GetAtomNameA
GetACP
GetStringTypeW
VirtualProtect
GetOEMCP
OpenSemaphoreW
OpenSemaphoreA
GetEnvironmentStringsA
LCMapStringW
GetProcAddress
GetCurrentThread
GetFileType
CompareStringA
TlsGetValue
InterlockedExchange
SetHandleCount
TerminateProcess

comdlg32

ChooseColorA
FindTextW

gdi32

SetTextColor
CreateHatchBrush
MaskBlt
SetROP2
SelectClipPath

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

817833b8228d1daa6c03fece1ea38e59

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

Sections

.text Size: 112KB - Virtual size: 112KB

.data Size: 105KB - Virtual size: 104KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 112KB - Virtual size: 112KB

.data
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 8KB - Virtual size: 8KB