87d91e54720f637a65828c916a270733_JaffaCakes118

General

Target

87d91e54720f637a65828c916a270733_JaffaCakes118
Size

3.8MB
MD5

87d91e54720f637a65828c916a270733
SHA1

ae32017ced9dfc1e1359327364bba2eddabe2874
SHA256

43dab1a770ada939472a87302ec98e14ea4ee31cc7f1f409c1c61b6221da7f18
SHA512

70e87bae04305a2d8ca310843a9fa75c07b7892e5b3f0d95e9a8a2b203f378da0267912efc86f6880d8e1a178544cdba5a10020c0a0a3b21c53660775f3553ce
SSDEEP

98304:B2o4yIOTYI8LmpNEHoYUK3W4nDNayxawtRbOMi:ZQOR86p+2wxnpayowtRaMi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87d91e54720f637a65828c916a270733_JaffaCakes118

Files

87d91e54720f637a65828c916a270733_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46d1a5560db7365f6bca888b8238fa16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAAsyncGetProtoByNumber
shutdown
WSAHtons
WSAEnumProtocolsW

shell32

DragQueryPoint
SHChangeNotify

ole32

CoSwitchCallContext
CoGetTreatAsClass

kernel32

GetTickCount
EnumDateFormatsW
SetConsoleOutputCP
lstrcmpA
OpenFile
ReleaseSemaphore
EnumTimeFormatsW
ExpandEnvironmentStringsW
CreatePipe
GetUserDefaultLangID
ExitProcess
TryEnterCriticalSection
GetTempFileNameA
LoadLibraryExW
OutputDebugStringA
GetCPInfo
IsBadReadPtr
GetSystemDefaultLangID
PeekConsoleInputW
VirtualAllocEx
AllocConsole

user32

ChildWindowFromPointEx
TabbedTextOutA
CreateCursor
MsgWaitForMultipleObjectsEx
wsprintfW
VkKeyScanW
GetPropA

version

VerFindFileA

oleaut32

LoadTypeLibEx
VariantChangeType
SysAllocStringLen
SafeArrayCreate
SetErrorInfo
LoadTypeLi

msvcrt

_ismbcspace
_eof
_ismbcdigit
_putws
bsearch
_cwait
fwprintf
_isctype
strtok
rename
_stricoll
fgetc
_wcsupr
getenv
_close
tolower
_wtoi
strspn
wcsftime
_chdrive
_mbsupr
_beginthreadex
_wgetenv

Sections

.text
Size: 2KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46d1a5560db7365f6bca888b8238fa16

Headers

File Characteristics

Imports

ws2_32

shell32

ole32

kernel32

user32

version

oleaut32

msvcrt

Sections

.text Size: 2KB - Virtual size: 221KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 2KB - Virtual size: 221KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB