488bf258ad8e08bfe567c0e2828cce0a_JaffaCakes118

General

Target

488bf258ad8e08bfe567c0e2828cce0a_JaffaCakes118
Size

379KB
MD5

488bf258ad8e08bfe567c0e2828cce0a
SHA1

c3fdc2f11f5961f76dd8f0ab90e47e73664dc018
SHA256

f7ec7e06d2f83418dd7210f96e09cc01d6949a6512aef34eaeb71e5e3cb75909
SHA512

9e52d32b3539b83a8ae20d1e768a0cbf720eef2483088a88348d813f97bf88476334f04834f09a0db6850c4a2b2200a6a274573cfb91637dc77a88da3af4a3b9
SSDEEP

6144:IhHfoQLur96NqxLCYt4cODMGw1jRQNuXC5bKEBK3HuZRbcB8+IgwzRF6:EfoFuqZH2jDAjR6uLiK3HFD08

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488bf258ad8e08bfe567c0e2828cce0a_JaffaCakes118

Files

488bf258ad8e08bfe567c0e2828cce0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fd4a71b0d3b3d7ae92f500432f57218

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
GetSystemDirectoryW
EnterCriticalSection
FormatMessageA
QueryPerformanceCounter
GetCurrentProcess
HeapAlloc
LoadLibraryA
GetNumberFormatA
ExitProcess
EnumResourceLanguagesW
GetCurrentDirectoryA
HeapLock
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
GetCurrentProcessId
GetModuleHandleA
HeapFree
GetProcAddress
RtlUnwind
TerminateProcess
GetModuleFileNameA
HeapReAlloc
GetEnvironmentStrings
GetCurrentThreadId
VirtualAlloc

user32

GetKeyboardState

comdlg32

GetFileTitleA
ChooseColorW
GetSaveFileNameW
LoadAlterBitmap
GetFileTitleW
GetOpenFileNameW
GetOpenFileNameA
PageSetupDlgA
FindTextA
ChooseColorA
FindTextW
PrintDlgA
ReplaceTextA
PageSetupDlgW
ChooseFontW
PrintDlgW
ReplaceTextW

advapi32

RegEnumValueA
RegRestoreKeyA
CryptSetProviderA
RegDeleteValueA
RegCreateKeyA
RegCreateKeyW
RegRestoreKeyW
DuplicateTokenEx
RegEnumKeyExW
CryptDeriveKey
LookupPrivilegeDisplayNameW
CryptDestroyHash
CryptContextAddRef
RegLoadKeyW
LookupSecurityDescriptorPartsA
CryptImportKey
StartServiceA
LookupPrivilegeValueA
RegSetKeySecurity
LookupAccountNameW
RegQueryValueW

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fd4a71b0d3b3d7ae92f500432f57218

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

Sections

.text Size: 102KB - Virtual size: 101KB

.data Size: 262KB - Virtual size: 262KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 102KB - Virtual size: 101KB

.data
Size: 262KB - Virtual size: 262KB

.rsrc
Size: 13KB - Virtual size: 13KB