82d5a674c2a53999dc532677cc2c9915_JaffaCakes118

General

Target

82d5a674c2a53999dc532677cc2c9915_JaffaCakes118
Size

1.3MB
MD5

82d5a674c2a53999dc532677cc2c9915
SHA1

ceb7beedcd86f79f6a4301852f3402cac655ea32
SHA256

fb71f65341288ed9d2383d44478640712b895d8e1f760e19f6f2741179857742
SHA512

7610deedd5a3f9bf76c510225a9c8f01b5eb49f6c58a0c8fca4a3335befd59cce96dd21f1b598c4d66cbcd38d4f7404c4e5ab91e5c49a20d03d17b336948ebba
SSDEEP

24576:Y8wpKoh2/9bo2Fux4rN+iyv2wXrVlP7h/BKZRc/xuzcz:aKoh2/9lFH+i3clPNEZRakz+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82d5a674c2a53999dc532677cc2c9915_JaffaCakes118

Files

82d5a674c2a53999dc532677cc2c9915_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cee80f1f65070169efa36bc4f9d3001d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
lstrlenA
lstrcmpA
AllocConsole
GetStdHandle
WriteFile
WriteConsoleA
ReadFile
ReadConsoleA
MultiByteToWideChar
HeapFree
lstrcmpiA
WideCharToMultiByte
HeapAlloc
SetConsoleMode
GetConsoleMode
GetLastError
GetModuleFileNameA
GetTimeFormatA
Sleep
GetSystemDefaultLCID
GetModuleHandleA
ReadConsoleInputA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
lstrcatA
GetVersion
GetTickCount
SetCurrentDirectoryA
CreateDirectoryA
DeleteFileA
CloseHandle
CreateFileA
GetFileAttributesA
GetCurrentDirectoryA
GetTempPathA
ExitProcess
SizeofResource
LockResource
LoadResource
FindResourceA
GetProcessHeap
RemoveDirectoryA
GetCommandLineA

user32

DialogBoxParamA
GetParent
GetDesktopWindow
CharToOemA
GetWindowRect
CopyRect
OffsetRect
SetWindowPos
LoadStringA
SetDlgItemTextA
GetDlgItem
SetFocus
GetDlgItemTextA
EndDialog
wsprintfA
GetForegroundWindow
MessageBoxA

ole32

CoInitialize
CoUninitialize
CLSIDFromProgID
CoCreateInstance
CoGetObject

oleaut32

VarBstrFromR4
VarBstrFromR8
VarBstrFromDec
SafeArrayUnaccessData
LoadTypeLi
SysFreeString
VariantInit
SysAllocString
DispInvoke
DispGetIDsOfNames
VariantTimeToSystemTime
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
VarBstrFromCy

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cee80f1f65070169efa36bc4f9d3001d

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB