1b8270f0b9298b91eb701b8a3d337497_JaffaCakes118

General

Target

1b8270f0b9298b91eb701b8a3d337497_JaffaCakes118
Size

370KB
MD5

1b8270f0b9298b91eb701b8a3d337497
SHA1

df2ff1439ae0dc3bb36004a31655bfce42fe7d03
SHA256

3a9f5be47c8472711f133d1c112d983def0e3bb41b3819141fd66258a2e5513e
SHA512

5201f2884c2e524b54aa85d06fbda52a8138a146e35b9e4c26e25699481fac40ebfb1eab7eff277e0651814abecef19274aad00411288e70d538a9e236ea06d8
SSDEEP

6144:GluXm67CP2FY2bqdTX2wIKCmu53xQcBZfwrXgCWk0MUMqKGYMzb6IbBh5OuH:ZDmP6Y2+T2s09eEVyXgCnI6IbBbOuH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b8270f0b9298b91eb701b8a3d337497_JaffaCakes118

Files

1b8270f0b9298b91eb701b8a3d337497_JaffaCakes118
.exe windows:4 windows x86 arch:x86

815103992a6d327828a58d8c4c135eb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
GetDlgItem
PostQuitMessage
ScreenToClient
SetWindowPos
IsWindow
EnableWindow
GetDC
wsprintfA
SendMessageA
GetClientRect
GetWindow
PeekMessageA
GetDesktopWindow
CallWindowProcA
SetForegroundWindow
DestroyWindow

kernel32

GetFileAttributesW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
IsBadWritePtr
VirtualAlloc
GetOEMCP
FatalAppExitA
LeaveCriticalSection
GetVersion
HeapAlloc
SetEndOfFile
Sleep
InterlockedDecrement
WriteFile
HeapCreate
WriteConsoleA
TerminateProcess
LocalFree
FreeLibrary
GetCurrentThreadId
GetStringTypeW
HeapReAlloc
GetACP
GetSystemTimeAsFileTime
CloseHandle
FindFirstFileA
FindNextFileW
SetFilePointer
GetStringTypeA
GetCPInfo
RaiseException
GetModuleHandleA
SetStdHandle
GetLocaleInfoW
WaitForMultipleObjects
GetCommandLineA
MultiByteToWideChar
SetErrorMode
UnhandledExceptionFilter
WideCharToMultiByte
DeleteFileA
GetFileSize
GetStartupInfoA
DeleteCriticalSection
GetCommandLineW
LoadLibraryA
TlsAlloc
GetTickCount
SetEvent
WaitForSingleObject
ReadFile
GetStdHandle
HeapFree
TlsGetValue
GetLastError
GetCurrentProcessId
GetCurrentThread
ExitProcess
GetProcessHeap
GetProcAddress
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsSetValue
TlsFree
SetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualFree
RtlUnwind
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

815103992a6d327828a58d8c4c135eb6

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 348KB - Virtual size: 347KB

.data Size: 21KB - Virtual size: 21KB

.text
Size: 348KB - Virtual size: 347KB

.data
Size: 21KB - Virtual size: 21KB