f72671c0153a80bbe0415cd9e354834d_JaffaCakes118

General

Target

f72671c0153a80bbe0415cd9e354834d_JaffaCakes118
Size

430KB
MD5

f72671c0153a80bbe0415cd9e354834d
SHA1

cfd925bc5fd7e264beb2567125bee690c6010297
SHA256

ed728ea1e13fe71b7efe5be4eb4a8fdd4ab376f33afc255be65805e1fa6aaab5
SHA512

85e74e0a2564287895091ce3c3fe7f9fd2459f803fa7029483fe396f48689ba3ff9f36c641b23c7fdccc80c08a0d04d7c3a87a52c63fa07da5e70787c8c722ea
SSDEEP

12288:NXP7BqK4TOZNULlGjfX2xnLto9A+4sKBhP:Nf7N4TTLkQC9csKBN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f72671c0153a80bbe0415cd9e354834d_JaffaCakes118

Files

f72671c0153a80bbe0415cd9e354834d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83d9c932442f9bcc83d0280ba65bb17b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strspn
_wexecv
log10
_CIsqrt
_getdllprocaddr
_findclose
_nextafter
_adj_fdiv_m64
__p__daylight

comdlg32

ChooseColorA

kernel32

lstrcmpW
lstrlenW
GetSystemPowerStatus
lstrcmpiA
GetExitCodeThread
VirtualFree
VirtualAlloc
GetModuleHandleA
HeapCompact
lstrcmpA
GetProcAddress
Sleep
lstrlenA
GetModuleHandleW
Heap32ListNext
GetCPInfoExA
GetSystemTime
ExitProcess
GetComputerNameA
lstrcmpiW
GetLocalTime
GetStartupInfoW
ClearCommError
GetStringTypeExW
QueryDosDeviceA

user32

DlgDirSelectComboBoxExW
DrawEdge
CharUpperA
GetClassWord
GetMenu
DlgDirListComboBoxA
PostQuitMessage
wvsprintfW
WaitMessage

gdi32

GetPixel
EnumFontFamiliesA
SetTextJustification
Escape
SetBkMode

ole32

HPALETTE_UserFree
GetHGlobalFromILockBytes
OleDraw
OleTranslateAccelerator
OleRun
CoRevokeMallocSpy
CoMarshalInterface
OleCreateDefaultHandler
HMETAFILE_UserSize
CoGetCurrentLogicalThreadId

Sections

.text
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xwpi
Size: 193KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guh
Size: 192KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fwbs
Size: 39KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83d9c932442f9bcc83d0280ba65bb17b

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

gdi32

ole32

Sections

.text Size: 4KB - Virtual size: 5KB

.xwpi Size: 193KB - Virtual size: 260KB

.guh Size: 192KB - Virtual size: 492KB

.fwbs Size: 39KB - Virtual size: 235KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 5KB

.xwpi
Size: 193KB - Virtual size: 260KB

.guh
Size: 192KB - Virtual size: 492KB

.fwbs
Size: 39KB - Virtual size: 235KB

.reloc
Size: 1024B - Virtual size: 1KB