fda8ebd299bddae66eeeca34098c51c1_JaffaCakes118

General

Target

fda8ebd299bddae66eeeca34098c51c1_JaffaCakes118
Size

424KB
MD5

fda8ebd299bddae66eeeca34098c51c1
SHA1

dd87a0716b9c042e406bb28b8eba812af2b61bde
SHA256

f37aa8beccd9ddd9d3fc14e66640d3b74efa32eaae7705cb8216aa2b41f57291
SHA512

bbbc45faa188a135302b95d5caa35e1d2da5c79553d209df00094555da1fd9740e7921acf3c4e98ae20be86e2370268aa217da0b50d07913149c9c11a3928b31
SSDEEP

12288:C9f3mOE4RSAMCG6YqFxQM35uixf18WHO:cfmOnECTYeG7t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fda8ebd299bddae66eeeca34098c51c1_JaffaCakes118

Files

fda8ebd299bddae66eeeca34098c51c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30c3ac59733d4233487d91a518a1db0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
LeaveCriticalSection
SetConsoleCtrlHandler
WideCharToMultiByte
GetProcAddress
SetEnvironmentVariableA
HeapReAlloc
SetLastError
GetEnvironmentStrings
HeapSize
GetCurrentProcessId
HeapAlloc
GetACP
GetStdHandle
TlsGetValue
GetModuleHandleA
SetHandleCount
CommConfigDialogA
EnterCriticalSection
TlsFree
GetTimeFormatA
IsValidLocale
GetFileType
IsValidCodePage
SetUnhandledExceptionFilter
FreeLibrary
HeapCreate
FreeEnvironmentStringsA
FreeLibraryAndExitThread
ExitProcess
GetTickCount
EnumSystemLocalesA
LCMapStringA
HeapFree
GetOEMCP
GetModuleFileNameA
InterlockedIncrement
LoadLibraryA
QueryPerformanceCounter
GetModuleFileNameW
VirtualAlloc
CompareStringA
GetEnvironmentStringsW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetProcessHeap
GetStringTypeA
GetUserDefaultLCID
TlsSetValue
DeleteCriticalSection
MultiByteToWideChar
GetLastError
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineW
GetLocaleInfoW
GetStartupInfoW
GetStringTypeW
GetCommandLineA
VirtualFree
Sleep
IsDebuggerPresent
GetCPInfo
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsW
LCMapStringW
WriteFile
GetVersionExA
CompareStringW
InterlockedExchange
InitializeCriticalSection
HeapDestroy
GetLocaleInfoA
TlsAlloc
GetDateFormatA
GetCurrentThread

comdlg32

PrintDlgA
ChooseFontW
GetSaveFileNameA
PageSetupDlgA
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
PageSetupDlgW
LoadAlterBitmap
PrintDlgW
ChooseColorA
FindTextW

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30c3ac59733d4233487d91a518a1db0c

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 137KB - Virtual size: 137KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 10KB - Virtual size: 10KB