8c7bc2b50d0f9b69607c61618b2b0a57_JaffaCakes118

General

Target

8c7bc2b50d0f9b69607c61618b2b0a57_JaffaCakes118
Size

188KB
MD5

8c7bc2b50d0f9b69607c61618b2b0a57
SHA1

eda86f69a6942103c2f4fe37ef609cc279d01344
SHA256

235b802abc965f5387b42260a19f2fec014b0941884965dbbcad5a29b583ab32
SHA512

6b43a6eca7a51535af86d4bee643d23692721e0780239488633b3f4ac91c51166eb232a006fd696b6d7eb660392e71756065458d3b38a1355f6f7ec41106927e
SSDEEP

3072:43hbNo9ARyLYO3m0BVnb/tAiwpDxxNDjSbDOckI+6Ja/I63TNbTZ/Atxt:klaVm0Hb/tAiuFxNvAn+D/I63Bq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c7bc2b50d0f9b69607c61618b2b0a57_JaffaCakes118

Files

8c7bc2b50d0f9b69607c61618b2b0a57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

885e9265cdad17b81ecadb98d10402f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapWalk
HeapCreate
HeapFree
HeapAlloc
WriteConsoleA
VirtualFree
GetSystemTime
VirtualAlloc
LoadLibraryA
GetProcAddress
FindNextChangeNotification
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
WriteFile
RtlUnwind
HeapDestroy
GetStartupInfoA
GetFileType
FindCloseChangeNotification
GetDiskFreeSpaceW
GetFileTime
GetCurrentProcessId
GetVolumeInformationW
InterlockedExchange
CreateFileA
GetTimeFormatW
GetStdHandle
SetHandleCount
SetEndOfFile
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
GetLastError
CloseHandle
ReadFile
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW

user32

MapWindowPoints
PostMessageW
DestroyWindow
SendMessageW
DestroyMenu
BeginPaint
EmptyClipboard
InvalidateRect
IntersectRect
InsertMenuItemW
SetCursor
GetDoubleClickTime
InflateRect
ValidateRect

gdi32

RestoreDC
SaveDC
ExtTextOutW
CreateFontIndirectW
StartDocW
StartPage
Rectangle

shlwapi

PathIsUNCW
PathFindExtensionW
wnsprintfW
StrCmpNW
StrDupW
UrlGetPartW

Exports

Exports

Boveboguty
Naloryleh
Qurijyhaqysax
Ralu
Vogycu

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CODE
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

885e9265cdad17b81ecadb98d10402f7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.data Size: 84KB - Virtual size: 164KB

.CODE Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 808B

.text
Size: 88KB - Virtual size: 86KB

.data
Size: 84KB - Virtual size: 164KB

.CODE
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 808B