32a965bb856a6e39bed91faeb40f697c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

32a965bb856a6e39bed91faeb40f697c_JaffaCakes118
Size

421KB
MD5

32a965bb856a6e39bed91faeb40f697c
SHA1

0f753e052e9f897aec5e2f4fdc30a8bf1d08627f
SHA256

eefea86c56c24aca0295061a84939233ecef5d4b40acfa0ce1af13555ea68deb
SHA512

a5985acee7696ea9ba67e5518aed1a3a014ef3783e063d4c3fa539a6ffff0eecfaa9dc3c5dd86b1057882cc1d9d3320d7f7522b7746e1b8cbf7485b2dfd2472c
SSDEEP

12288:LwetHx1JuqymvD3oUSedovMHG596JM5IQz/2UQsOvc:LwetpEmDDavMOd55Qssc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32a965bb856a6e39bed91faeb40f697c_JaffaCakes118

Files

32a965bb856a6e39bed91faeb40f697c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b19b99b63bb2c421486ada37c598f3be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GlobalGetAtomNameW
IsValidCodePage
GetTimeFormatA
RtlUnwind
GetStdHandle
VirtualUnlock
GetCurrentProcess
GetLocaleInfoW
VirtualAlloc
LCMapStringW
InitializeCriticalSection
HeapReAlloc
GetEnvironmentStringsW
EnumTimeFormatsW
GetEnvironmentStrings
EnumSystemLocalesA
LCMapStringA
GetModuleFileNameA
GetACP
GetStartupInfoW
ExitProcess
GetCommandLineW
GetStartupInfoA
GetSystemInfo
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetModuleFileNameW
EnterCriticalSection
GetVersionExA
QueryPerformanceCounter
UnhandledExceptionFilter
SetHandleCount
GetCalendarInfoA
SetEnvironmentVariableA
TlsGetValue
DeleteCriticalSection
HeapAlloc
GetLastError
HeapFree
WritePrivateProfileSectionW
LeaveCriticalSection
GetCurrentProcessId
LocalFlags
GetStringTypeA
GetOEMCP
TlsAlloc
GetUserDefaultLCID
CompareStringW
GetCurrentThread
GetStringTypeW
FreeEnvironmentStringsA
WideCharToMultiByte
SetLastError
FreeEnvironmentStringsW
GlobalReAlloc
GetModuleHandleA
WriteFile
VirtualProtect
GetDiskFreeSpaceW
HeapValidate
MultiByteToWideChar
GetStringTypeExA
GetTempPathW
CompareStringA
GetTimeZoneInformation
GetProcAddress
GetDateFormatA
GetFileType
InterlockedIncrement
IsBadWritePtr
InterlockedExchange
HeapCreate
VirtualFree
GetLocaleInfoA
VirtualQuery
TlsSetValue
TlsFree
FindResourceExA
IsValidLocale
GetCurrentThreadId
HeapDestroy
GetNumberFormatA
TerminateProcess
GetCommandLineA
HeapSize
GetNamedPipeHandleStateW

shell32

SHFormatDrive
InternalExtractIconListA
ExtractIconEx
SHGetFileInfo

comdlg32

ChooseColorW
GetFileTitleW
PageSetupDlgW
GetSaveFileNameA
FindTextW
ChooseColorA
FindTextA
GetOpenFileNameW
ChooseFontA
ChooseFontW
PrintDlgW
ReplaceTextA
LoadAlterBitmap
PrintDlgA
GetSaveFileNameW

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b19b99b63bb2c421486ada37c598f3be

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

Sections

.text Size: 134KB - Virtual size: 134KB

.data Size: 272KB - Virtual size: 294KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 134KB - Virtual size: 134KB

.data
Size: 272KB - Virtual size: 294KB

.rsrc
Size: 13KB - Virtual size: 12KB