22582c47db30addd06d6a75d8555a9e5_JaffaCakes118

General

Target

22582c47db30addd06d6a75d8555a9e5_JaffaCakes118
Size

262KB
MD5

22582c47db30addd06d6a75d8555a9e5
SHA1

44999a4df793977da1e09842e296065fde5af7e5
SHA256

560ba061d37f3298cbb1cdcd0b5e512fecc836f6c55a20be45bbf366e0a781c4
SHA512

feed391f784ed654bdfe72dffc070c1cde40228375789498db3b439f99fe33609c9aae75094104644aa79fca827c9137d3b4009f68ec3821cd625aff4d9dd64d
SSDEEP

6144:NiGswKL64RLmTvqN8br3zDaX4v3I7/xE:NiGswlAmTvq2nz02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22582c47db30addd06d6a75d8555a9e5_JaffaCakes118

Files

22582c47db30addd06d6a75d8555a9e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1e036adc3dc46254417fe2cae837011

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLCID
InterlockedIncrement
IsValidCodePage
TlsAlloc
GetProcAddress
IsValidLocale
HeapReAlloc
TlsGetValue
GetCPInfo
GetTimeFormatA
GetCurrentProcessId
UnhandledExceptionFilter
EnterCriticalSection
GetLocaleInfoW
VirtualFree
GetModuleHandleA
LCMapStringA
CreatePipe
WideCharToMultiByte
SetEnvironmentVariableA
GetProcessHeap
HeapSize
GetCommandLineW
HeapDestroy
LeaveCriticalSection
DeleteCriticalSection
GetStringTypeA
CompareStringA
GetProfileIntW
ExitProcess
GetTickCount
GetShortPathNameA
TlsSetValue
HeapFree
GetEnvironmentStringsW
GetModuleFileNameA
GetVersionExA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStrings
VirtualAlloc
MapViewOfFile
GetCommandLineA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetFileType
GetModuleFileNameW
GetStartupInfoW
SetLastError
WriteFile
IsDebuggerPresent
GetCurrentThread
GetSystemTimeAsFileTime
GetLastError
FreeEnvironmentStringsW
FreeResource
GetLocaleInfoA
GetOEMCP
FreeEnvironmentStringsA
Sleep
MultiByteToWideChar
HeapCreate
EnumSystemLocalesA
GetStartupInfoA
SetUnhandledExceptionFilter
CompareStringW
InterlockedDecrement
TlsFree
GetStdHandle
GetThreadLocale
InterlockedExchange
GetTimeZoneInformation
GetStringTypeW
GetDateFormatA
SetConsoleCtrlHandler
GetACP
FreeLibrary
LCMapStringW
InitializeCriticalSection
HeapAlloc
SetHandleCount
CreateSemaphoreW
OutputDebugStringW

shell32

ShellExecuteEx
SHFreeNameMappings
SHGetSpecialFolderPathA
SHGetNewLinkInfo
SHBrowseForFolderW
SheSetCurDrive
SheGetDirA
ShellExecuteExW
SheChangeDirExW
RealShellExecuteW

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1e036adc3dc46254417fe2cae837011

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 114KB - Virtual size: 113KB

.data Size: 139KB - Virtual size: 158KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 114KB - Virtual size: 113KB

.data
Size: 139KB - Virtual size: 158KB

.rsrc
Size: 8KB - Virtual size: 8KB