5a50a0a861090929f6d4f6d9dfe0c300_JaffaCakes118

General

Target

5a50a0a861090929f6d4f6d9dfe0c300_JaffaCakes118
Size

112KB
MD5

5a50a0a861090929f6d4f6d9dfe0c300
SHA1

49e1c28662afa999d8aeb1da3dd0948bf10db9f9
SHA256

53057a9cb2557fd18e289c98c80f803be8f3bf63e0e594a03b958520ce32d5cc
SHA512

4e193f3d0b17285430e367f039c1e33e279e308ef5edca318b4fed0e3df52cba775ea37e47de503d61a7b29f7f1f53e61b3c85c3b5496d52b78dfc02349dafb3
SSDEEP

3072:M13TL6tGoCiCfzY8MIsbqq9q81dTXds5bxn8Ku1fzQzU:q+tGz7YlIki81dTSbxnBo7Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a50a0a861090929f6d4f6d9dfe0c300_JaffaCakes118

Files

5a50a0a861090929f6d4f6d9dfe0c300_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d5fd177c27c135a501fab0b708af9b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
IsBadWritePtr
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
LCMapStringW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GlobalSize
FindClose
LoadLibraryA
GetProcAddress
lstrcpynW
GetSystemInfo
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
CompareStringA
FileTimeToSystemTime
GetLastError
LocalUnlock
RtlUnwind

user32

TrackPopupMenu
SetWindowLongW
DestroyCaret

gdi32

CreateBitmap
CreateCompatibleDC

comdlg32

GetOpenFileNameW
FindTextA
PageSetupDlgW
GetFileTitleW
ChooseColorA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegFlushKey
RegCreateKeyA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d5fd177c27c135a501fab0b708af9b9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 79KB - Virtual size: 125KB

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 79KB - Virtual size: 125KB

.rsrc
Size: 4KB - Virtual size: 8KB