467067327e7d65c30c38f368c32c0f84_JaffaCakes118

General

Target

467067327e7d65c30c38f368c32c0f84_JaffaCakes118
Size

437KB
MD5

467067327e7d65c30c38f368c32c0f84
SHA1

6893f4b0ea545e8d934c3c0db1f1a1420c64e40b
SHA256

8f0e85fde0e0364c5aa4215c678de1ba473b85f56a480884007622479799003e
SHA512

34d3d47d8a57e03294b2c29a9c4d37e7280bbf69e493aed02106dca6986bf392c037c10f4e0b2631c954e45192320e22d06c5406c2f5b1ba5e62551c1212b804
SSDEEP

6144:mPWRMB7Bks2SLQ5AxIEz0lSgpT4if0mv7hpeD0d2Y28N33CkeHx650eW4+85RQ:Q+Qmsr3XkJpnLeD0p28NHCkA650Q+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
467067327e7d65c30c38f368c32c0f84_JaffaCakes118

Files

467067327e7d65c30c38f368c32c0f84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7b8abd904078f761671fc078c2b406f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextW

kernel32

GetLocaleInfoW
CompareStringA
GetACP
WriteFile
GetComputerNameW
EnumSystemLocalesA
IsValidLocale
LCMapStringA
IsValidCodePage
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
GetStartupInfoA
FreeLibrary
LeaveCriticalSection
QueryPerformanceCounter
VirtualFree
CompareStringW
GetStringTypeA
SetHandleCount
SetUnhandledExceptionFilter
HeapAlloc
SetLastError
GetOEMCP
GetEnvironmentStringsW
HeapDestroy
DeleteCriticalSection
HeapReAlloc
GetDateFormatA
TlsFree
GetProcAddress
GetStdHandle
GetTickCount
InitializeCriticalSection
GetTimeFormatA
GetCommandLineA
GetCurrentProcessId
InterlockedDecrement
LCMapStringW
HeapSize
Sleep
VirtualQuery
GetModuleFileNameA
VirtualAlloc
TlsGetValue
GetLocaleInfoA
GetStringTypeExA
MultiByteToWideChar
TlsAlloc
TlsSetValue
FreeEnvironmentStringsA
GetModuleHandleA
GetTimeZoneInformation
GetVersionExA
HeapFree
GetStringTypeW
EnterCriticalSection
GlobalGetAtomNameA
GetSystemTimeAsFileTime
InterlockedExchange
GetCurrentThreadId
InterlockedIncrement
IsDebuggerPresent
GetProcessHeap
UnhandledExceptionFilter
ExitProcess
GetCPInfo
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetLastError
TerminateProcess
EnumTimeFormatsW
GetUserDefaultLCID
HeapCreate
RtlUnwind
GetCurrentProcess
SetConsoleCtrlHandler
LoadLibraryA
GetCurrentThread

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7b8abd904078f761671fc078c2b406f

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 8KB - Virtual size: 23KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 8KB - Virtual size: 23KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 15KB - Virtual size: 15KB