87542c7d2a7f7fd00922199e75bafc6f_JaffaCakes118

General

Target

87542c7d2a7f7fd00922199e75bafc6f_JaffaCakes118
Size

160KB
MD5

87542c7d2a7f7fd00922199e75bafc6f
SHA1

4a1cf278afe681330e172be0d47c0dabbce6e17e
SHA256

9f9e3ee0f5179ab49680ed9c3d0f8b7885ef613fee4d4a724e334ff17df8412d
SHA512

6b078f19fe67c3f2876da0b4b8f36d2b0aa6c364514ac4aa09ebe3cb37b5d181c8632f24b314e9ece75a68c4fe19f6fceb68289da0db46c1215411dae4b1c83b
SSDEEP

3072:2cw6pSlU9cSlrpZKsHbom1VGuSLUQ18yH112RMQQxY1NKAtH+xY+:2LMn9VrpZK/sV8x8yv24S7KA5EH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87542c7d2a7f7fd00922199e75bafc6f_JaffaCakes118

Files

87542c7d2a7f7fd00922199e75bafc6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

762d5042c0b6535ababf146b17ab4f69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
GetLocaleInfoA
CompareStringA
GetSystemInfo
LoadLibraryA
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
VirtualAlloc
GetProcAddress
lstrcpynW
TerminateThread
VirtualFree
GlobalSize
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
IsBadWritePtr
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
VirtualProtect

user32

SetWindowTextW
GetDlgCtrlID
InvalidateRect

gdi32

LineTo
DPtoLP
OffsetWindowOrgEx
GetTextExtentPointW

comdlg32

GetOpenFileNameA
PageSetupDlgW

advapi32

RegDeleteValueA
RegDeleteKeyW
RegQueryValueExA
RegSetValueExA
RegCreateKeyW

ole32

OleDuplicateData

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

762d5042c0b6535ababf146b17ab4f69

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 134KB - Virtual size: 353KB

.rsrc Size: 512B - Virtual size: 472B

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 134KB - Virtual size: 353KB

.rsrc
Size: 512B - Virtual size: 472B