33eb994a73baa3ed2f5a33b7a0f9ebd3_JaffaCakes118

General

Target

33eb994a73baa3ed2f5a33b7a0f9ebd3_JaffaCakes118
Size

452KB
MD5

33eb994a73baa3ed2f5a33b7a0f9ebd3
SHA1

a892367bc6a7e34cf428dc9c3c4b5855fc63e2b9
SHA256

b5fd8dd8f8cd1e7037e9bc72d0d87f5f6e2f5e1348ce2369901ab772b9cc57b9
SHA512

6ba32e098ae9da3d91d7906d86fbbb04c33490e45737693be97eb4f0c02e29ed4a023ce7ee8ae3a3e5f85de97d49e677223695129868227d31088e0a0f2ba99d
SSDEEP

12288:UfnIDrcHOom6jIl8p8qGBlPJOx9dnL5Em:UvIDcveqGBVe9dnL5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33eb994a73baa3ed2f5a33b7a0f9ebd3_JaffaCakes118

Files

33eb994a73baa3ed2f5a33b7a0f9ebd3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69e5d7203c5c716890c521fe4f35f3e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgA
GetOpenFileNameW
GetSaveFileNameW

kernel32

LCMapStringA
GetCurrentProcessId
GetSystemInfo
GetFileType
GetModuleFileNameA
WriteFile
VirtualQuery
GetTimeZoneInformation
GetVersionExA
DeleteCriticalSection
GetStdHandle
HeapAlloc
GetLocaleInfoW
InterlockedExchange
InitializeCriticalSection
FreeEnvironmentStringsA
GetStringTypeW
GetCurrentProcess
EnumSystemLocalesA
GetCPInfo
SetHandleCount
GetCurrentThread
SetLastError
MultiByteToWideChar
HeapCreate
ExitProcess
CompareStringA
GetACP
HeapSize
GetOEMCP
GetSystemDirectoryA
TlsAlloc
HeapFree
HeapReAlloc
LoadLibraryA
GetStringTypeA
GetEnvironmentStrings
TlsGetValue
IsValidLocale
GetCurrentThreadId
VirtualAlloc
VirtualFree
GetCommandLineA
GetSystemTimeAsFileTime
FlushViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
TerminateProcess
RtlUnwind
OutputDebugStringA
TlsSetValue
EnterCriticalSection
SetEnvironmentVariableA
IsValidCodePage
GetLocaleInfoA
GetTickCount
FreeEnvironmentStringsW
HeapDestroy
LocalFileTimeToFileTime
IsBadWritePtr
VirtualProtect
UnhandledExceptionFilter
lstrcpy
GetModuleHandleA
GetProcAddress
TlsFree
GetEnvironmentStringsW
GetTimeFormatA
QueryPerformanceCounter
GetUserDefaultLCID
GetStartupInfoA
CompareStringW
GetDateFormatA
WideCharToMultiByte

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69e5d7203c5c716890c521fe4f35f3e5

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 6KB - Virtual size: 10KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 6KB - Virtual size: 10KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 14KB - Virtual size: 13KB