9b00a87cce97eeac1adfc8b54058c71d_JaffaCakes118

General

Target

9b00a87cce97eeac1adfc8b54058c71d_JaffaCakes118
Size

66KB
MD5

9b00a87cce97eeac1adfc8b54058c71d
SHA1

6b3af54e010ba0bb26fa26e00b8ddb818b3df855
SHA256

be6f7a7079f2ffd8cdda74d66cd2e88f568b3c03fd696500dae896025831dfb0
SHA512

867acb93e593d69fbb184de472914465fe390e5d9db621a7cdab7d72878381cf677fb4f0dd6a1702a597014ff633976aaa8b3a285e11547e86061dd217177f72
SSDEEP

1536:T8CozcQiJZYUYJbXnQZVgBIbePTTA2YmAlxFcp7E74nhSp4:T8h2YhJb3QZVGIbKTE2YnlqEMhSm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/documenty.exe

Files

9b00a87cce97eeac1adfc8b54058c71d_JaffaCakes118
.rar
documenty.exe
.exe windows:4 windows x86 arch:x86

2e81a6fa83716dcda942e6458ed42c88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFile
VirtualProtect
GetCommandLineA
DeleteVolumeMountPointA
GetWindowsDirectoryA
GetCPInfo
GetTimeZoneInformation
GetCurrentThread
Process32First
GetOEMCP
EnumResourceLanguagesA
CreateFileMappingA
GetUserDefaultUILanguage
FileTimeToSystemTime
InterlockedPopEntrySList
GlobalAddAtomW
CreateToolhelp32Snapshot
lstrlenA
GetFileSizeEx
GetTimeFormatW
lstrcmpi
ReleaseActCtx
Process32Next
GetSystemTime
Sleep
SetNamedPipeHandleState
SetEndOfFile
GetVolumeInformationA
SystemTimeToTzSpecificLocalTime
GetTickCount
GetVersion

user32

DragObject
SwitchDesktop
OemToCharBuffW
OpenClipboard
CreateDialogIndirectParamA
SetProcessWindowStation
SetWindowContextHelpId
SendMessageTimeoutA
DialogBoxIndirectParamW
DragDetect
TrackPopupMenu
IsWindowVisible
GetUserObjectSecurity
OpenDesktopW
DlgDirListComboBoxA
CreateMDIWindowA
RegisterDeviceNotificationA
GetProcessDefaultLayout
ModifyMenuW
SendMessageCallbackA
SetUserObjectInformationW
ExcludeUpdateRgn
ScrollWindow
CalcMenuBar
SetMenuItemInfoW

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e81a6fa83716dcda942e6458ed42c88

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 4KB