87899801c5a8d902e392ec231dab225e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87899801c5a8d902e392ec231dab225e_JaffaCakes118
Size

2.6MB
MD5

87899801c5a8d902e392ec231dab225e
SHA1

4a8e8d893f41cf6825408d5e52df0120fb9ebb8d
SHA256

9971737562516aec38b9fa0e6db283bf6cd4abee610c9d9ac612e10e980bb17a
SHA512

cccea8061b616b407498a47d63c814eb04f3a74a4c190812de9a13e2d545890d4f44dddac31e34d0447cf2a1051f8c1d94325cd7d780bccb5cf1054ec61d8791
SSDEEP

24576:axuQqm0KhSda+pvTxfbffHliUDlCg2oQ9e/GJH9/rGIxW/:Kud5daazPZDg1jJJR5xW/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87899801c5a8d902e392ec231dab225e_JaffaCakes118

Files

87899801c5a8d902e392ec231dab225e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5dcb4db75f2ac22ed56e40fef79883c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgW

kernel32

RtlUnwind
GetVersion
LocalAlloc
VirtualAlloc
GetEnvironmentStringsW
SetEndOfFile
SetFileValidData
GetSystemTime
GetLocalTime
GetSystemInfo
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetMailslotInfo
CreateMutexW
GetModuleFileNameW
GetSystemDirectoryW
GetFileAttributesExW
DeleteFileW
GetVersionExW
CreateJobObjectW
GetACP
GetThreadLocale
GetConsoleWindow
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
IsValidCodePage
GetOEMCP
GetCPInfo
CreateFileW

user32

DdeGetData
LoadIconW
SetRectEmpty
ClientToScreen
GetCursor
GetWindowTextLengthW
GetWindowTextW
GetDC
DeleteMenu
AppendMenuW
GetMenuItemCount
IsWindowEnabled
MapVirtualKeyW
SendInput
GetDialogBaseUnits
GetNextDlgTabItem
GetDlgItem
EndDialog
BringWindowToTop
GetClassInfoW
PostMessageW
ExitWindowsEx
GetMessageW
GetMenu

psapi

EnumDeviceDrivers

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 631KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.3rtfta
Size: 758KB - Virtual size: 757KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.da4362
Size: 470KB - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.19hi
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dcb4db75f2ac22ed56e40fef79883c1

Headers

File Characteristics

Imports

comdlg32

kernel32

user32

psapi

Sections

.text Size: 137KB - Virtual size: 136KB

.data Size: 631KB - Virtual size: 7.1MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.3rtfta Size: 758KB - Virtual size: 757KB

.da4362 Size: 470KB - Virtual size: 469KB

.19hi Size: 278KB - Virtual size: 277KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 137KB - Virtual size: 136KB

.data
Size: 631KB - Virtual size: 7.1MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.3rtfta
Size: 758KB - Virtual size: 757KB

.da4362
Size: 470KB - Virtual size: 469KB

.19hi
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 362KB - Virtual size: 362KB