f35dcb54b7053d45254b781a50b717f1_JaffaCakes118

General

Target

f35dcb54b7053d45254b781a50b717f1_JaffaCakes118
Size

158KB
MD5

f35dcb54b7053d45254b781a50b717f1
SHA1

12321f9fcd074fdae93c49d4e33e89198306f96f
SHA256

14a9d53a875887c4c62323ad11ef40ac1d26e70b0ba534d6053a50abc7b8ff04
SHA512

6b3775a2a931d346131ca5b0e3f41a23bc28d873d24afce709f1f98654b350d2978dd6fda0f1ac4d4d94100635bbf9bfaf53d25ea94745029ab4790e7ad80623
SSDEEP

3072:z4jSVK2WXhgO60AQL8RZk2SAkxl1vhHhICXeGacOq8hGXdbd99Sd0qjc4NumOK:z4+V8XhguAQIRknNhHSGaFq8h8dDSJN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f35dcb54b7053d45254b781a50b717f1_JaffaCakes118

Files

f35dcb54b7053d45254b781a50b717f1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

657f39a3ac68395e19399dfd0d61e93b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord195

user32

GetWindowDC
ReleaseDC
GetForegroundWindow
SetWindowTextA
LoadCursorA
CloseWindow
IsWindow
LoadIconA
OpenIcon
AnyPopup
LoadCursorFromFileA
IsChild

kernel32

TlsAlloc
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
Sleep
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
GetTickCount
GetEnvironmentStrings
IsDebuggerPresent
GetStdHandle
GetCommandLineW
GetModuleHandleA
GetEnvironmentStringsW
VirtualAlloc
CreateMutexA
GetVersionExA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
SetEnvironmentVariableA
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

657f39a3ac68395e19399dfd0d61e93b

Headers

DLL Characteristics

File Characteristics

Imports

msi

user32

kernel32

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 111KB - Virtual size: 197KB

.rsrc Size: 1024B - Virtual size: 648B

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 111KB - Virtual size: 197KB

.rsrc
Size: 1024B - Virtual size: 648B