44f5912c09446527033977d13085567f_JaffaCakes118

General

Target

44f5912c09446527033977d13085567f_JaffaCakes118
Size

403KB
MD5

44f5912c09446527033977d13085567f
SHA1

bd86a8f4fe788355e02aa5c0688c2e078922fd5e
SHA256

2a4c002e6ebc58df4145f597ae1fe3874ad53f7cbf62491fdc249a2e3f574258
SHA512

4a83149ed96a73fc276110977a9414c2e7a64982e52423786767ffb7b8517765aeeda9bb2f0434c8e7cd6087e2c7760779fc75124bc69399e0b8bd855b8a5cbf
SSDEEP

12288:vd+xx0Jnqn/JzDnBW9burNnzSo1waNDRHFuC:52hZWmZSofDF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44f5912c09446527033977d13085567f_JaffaCakes118

Files

44f5912c09446527033977d13085567f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8f43f5eac508cc9b389b2507853b534

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetLastError
HeapAlloc
LoadLibraryA
GetStdHandle
TlsGetValue
GetCurrentThread
EnterCriticalSection
GetFileType
IsBadWritePtr
InterlockedExchange
GetTickCount
HeapDestroy
GetModuleHandleA
TlsSetValue
GetEnvironmentStrings
TlsFree
SetLastError
GetModuleFileNameA
TlsAlloc
DeleteCriticalSection
GetCurrentThreadId
VirtualFree
LeaveCriticalSection
GetProcAddress
GetStartupInfoA
GetCurrentProcess
HeapFree
GetCommandLineA
SetHandleCount
GetProcessAffinityMask
MultiByteToWideChar
VirtualQuery
GetVersion
UnhandledExceptionFilter
GetSystemTimeAsFileTime
InitializeCriticalSection
GetCurrentProcessId
GetStartupInfoW
WriteFile
HeapReAlloc
RtlUnwind
ExitProcess
GetModuleFileNameW
GetEnvironmentStringsW
VirtualAlloc
TerminateProcess

comdlg32

PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW

user32

EndDialog
CharPrevA
IsWindowEnabled
DefFrameProcW
RealChildWindowFromPoint
RegisterClipboardFormatA
InvalidateRect
SetCapture
GetMenuInfo
CreateWindowStationA
ImpersonateDdeClientWindow
GetMenuContextHelpId
DeferWindowPos
SetClassLongA
DialogBoxIndirectParamW
LoadStringA
EnumPropsExW
SwapMouseButton
GetAsyncKeyState

gdi32

DPtoLP
AbortPath
GetPixel
SetMagicColors
CreateDIBPatternBrush
GetTextAlign
Escape
EqualRgn
EnableEUDC
CreateMetaFileA
SelectObject
CloseMetaFile
GetEnhMetaFileBits
PlayMetaFile
PatBlt
PlgBlt
GetViewportOrgEx
GetColorAdjustment
GetEnhMetaFileHeader

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8f43f5eac508cc9b389b2507853b534

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

gdi32

Sections

.text Size: 128KB - Virtual size: 128KB

.data Size: 267KB - Virtual size: 291KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 128KB - Virtual size: 128KB

.data
Size: 267KB - Virtual size: 291KB

.rsrc
Size: 6KB - Virtual size: 6KB