226b22d0971e93e689328c89473e7106_JaffaCakes118

General

Target

226b22d0971e93e689328c89473e7106_JaffaCakes118
Size

428KB
MD5

226b22d0971e93e689328c89473e7106
SHA1

2fbdf6a0e4e63ab10ea9383856c75eeb26769257
SHA256

95ab13718dcd329c62641f572dd9e27d72e7e003f848fbf298a96626423eb6a8
SHA512

1a014538bf8f53f07c661c2aa0231655abae57208d145fbb0f4d48c3d91e3ee762f847d98883fe3493c5c30baf276fd37d12a17ae712389af4020571ddf07284
SSDEEP

12288:zpyh6fW0GAFRvwc27VHM/69syjkOG/8qj8wbl/Q:zp24ndgJsPj/Aw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
226b22d0971e93e689328c89473e7106_JaffaCakes118

Files

226b22d0971e93e689328c89473e7106_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5123e345343b48bb2535c25789fc3ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCPInfo
GetACP
FreeEnvironmentStringsA
RtlUnwind
TlsAlloc
EnterCriticalSection
GetCurrentProcess
LCMapStringW
VirtualAlloc
WriteFile
GetVersion
HeapReAlloc
HeapDestroy
HeapValidate
HeapCreate
GetFileType
InterlockedExchange
GetModuleFileNameA
GetOEMCP
SetLastError
ExitProcess
GetStringTypeA
SetHandleCount
TlsSetValue
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
GetEnvironmentStringsW
WideCharToMultiByte
QueryPerformanceCounter
SetEnvironmentVariableA
UnhandledExceptionFilter
GetDateFormatA
VirtualQuery
GetCurrentThreadId
GetEnvironmentStrings
HeapAlloc
IsBadWritePtr
HeapFree
SetSystemTime
TerminateProcess
GetCurrentProcessId
DeleteCriticalSection
TlsFree
MultiByteToWideChar
lstrlenA
VirtualFree
GetCurrentThread
GetStringTypeW
TlsGetValue
GetLastError
GetProcAddress
InitializeCriticalSection
FormatMessageW
FreeEnvironmentStringsW
GetModuleHandleA
GetStringTypeExA
GetStdHandle
GetLocaleInfoW
GetPrivateProfileSectionA
LCMapStringA
LocalCompact
GlobalGetAtomNameA
GetCommandLineA

advapi32

LookupPrivilegeDisplayNameA
LookupPrivilegeNameA
CryptVerifySignatureW
RegQueryMultipleValuesW

comdlg32

GetOpenFileNameA
ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
ReplaceTextW
PrintDlgW
LoadAlterBitmap
GetSaveFileNameA
ChooseFontA
PageSetupDlgW
FindTextA
ChooseColorA
ChooseColorW
ReplaceTextA
PageSetupDlgA
GetFileTitleA
FindTextW

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5123e345343b48bb2535c25789fc3ec

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

Sections

.text Size: 153KB - Virtual size: 153KB

.data Size: 269KB - Virtual size: 268KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 153KB - Virtual size: 153KB

.data
Size: 269KB - Virtual size: 268KB

.rsrc
Size: 4KB - Virtual size: 4KB