082fa148251993341aedd1f0dae9c6a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

082fa148251993341aedd1f0dae9c6a8_JaffaCakes118
Size

430KB
MD5

082fa148251993341aedd1f0dae9c6a8
SHA1

41a110087bdf8c18b2b645021568079c0f5ac481
SHA256

7e560d4b63dc98f679135ee06a6458d828fe7befdac5784e19ac91e919bf815b
SHA512

afc942cfedc29566a68f7a05349e5cf1c6348773169b3836c13dcd2556a124f6ece9dee6ccef4a7af19f8bc845e63b3b6f2a9611a8ddbd9e5fb3ba6678dca7bc
SSDEEP

12288:nW01Qlq2sKqwuOyefRM+H01MXy8IjKPmiHG5KRI3/luPP5Ps0m:ni3ps1MXyFuPmiHGYi3tmP5Lm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
082fa148251993341aedd1f0dae9c6a8_JaffaCakes118

Files

082fa148251993341aedd1f0dae9c6a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b6c33d03f33b28e46b26475c1c2c945

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetTimeZoneInformation
GetVersionExA
SetEnvironmentVariableA
GetProcAddress
HeapCreate
HeapReAlloc
SetLastError
FillConsoleOutputCharacterW
GetLocaleInfoW
GetCurrentProcessId
TlsGetValue
TlsFree
GetCommandLineA
TlsSetValue
WriteFile
HeapDestroy
GetOEMCP
UnhandledExceptionFilter
IsValidLocale
GetDateFormatA
VirtualProtect
CompareStringW
GetStringTypeA
InitializeCriticalSection
ReadFileEx
GetLastError
InterlockedExchangeAdd
SetFilePointer
ExitProcess
GetTickCount
EnumSystemCodePagesW
TlsAlloc
HeapFree
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoW
LoadLibraryA
QueryPerformanceCounter
EnumSystemLocalesA
VirtualAlloc
GlobalAlloc
CompareStringA
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentStringsW
LCMapStringW
VirtualFree
GetUserDefaultLCID
DeleteCriticalSection
GetSystemTimeAsFileTime
GetACP
GetCompressedFileSizeW
LocalShrink
GetCPInfo
GetCurrentThread
GetNamedPipeHandleStateA
MultiByteToWideChar
IsBadWritePtr
GetStdHandle
RtlFillMemory
GetEnvironmentStrings
LeaveCriticalSection
GetEnvironmentVariableA
GetTimeFormatA
SetHandleCount
GetFileType
WriteFileEx
InterlockedExchange
GetModuleFileNameW
GetLocaleInfoA
EnterCriticalSection
IsValidCodePage
GetProfileIntA
EnumResourceNamesW
HeapSize
GetSystemInfo
HeapAlloc
LCMapStringA
SetLocalTime
HeapLock
GetStringTypeW
VirtualQuery
GetModuleHandleA

comdlg32

GetOpenFileNameW
PageSetupDlgA
ChooseColorW
GetSaveFileNameW
FindTextW
GetFileTitleW
GetSaveFileNameA
ReplaceTextA
GetFileTitleA
PrintDlgA
PrintDlgW
ChooseFontW
GetOpenFileNameA

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b6c33d03f33b28e46b26475c1c2c945

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 147KB - Virtual size: 147KB

.data Size: 274KB - Virtual size: 285KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 147KB - Virtual size: 147KB

.data
Size: 274KB - Virtual size: 285KB

.rsrc
Size: 7KB - Virtual size: 7KB