8c7ea26d78d33194941820548be0e849_JaffaCakes118

General

Target

8c7ea26d78d33194941820548be0e849_JaffaCakes118
Size

66KB
MD5

8c7ea26d78d33194941820548be0e849
SHA1

ccd91a0d020d13d139412b6410b374b698944ed1
SHA256

13f65795ec9c5cca1dc8e8917b44bb79789f9a5b1e11639f597f7228b33dffa9
SHA512

f878d30b608b5b8a2c3efaafe5be2f4c92361a6564ed0b8e5aa5f7d325a6d8bf998da5ca89594a848c260a611b8fcce3f104d94c14483ab3786f6e0afd5ecbed
SSDEEP

1536:QQQunHMLENNbSHYNiItOgBiOknI7w5vpUWZHtPFwJf25g8:QmnHfNNgKbwZaiqewJe5g8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c7ea26d78d33194941820548be0e849_JaffaCakes118

Files

8c7ea26d78d33194941820548be0e849_JaffaCakes118
.exe windows:1 windows x86 arch:x86

fa2ecfca416bc9314ed66569359967f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetSystemInfo
GetFileAttributesA
GetSystemTimeAsFileTime
CloseHandle
GetFileTime
TlsFree
DeviceIoControl
TlsGetValue
IsBadReadPtr
LockResource
VirtualQueryEx
GetLastError
ReadProcessMemory
WriteConsoleW
TerminateThread
PulseEvent
OpenProcess
GetCurrentDirectoryA
GetModuleHandleA
GetOEMCP
GetProcAddress
CompareStringA
GetStartupInfoA
SetEvent
ExitProcess

msvcrt

_stricmp
_ismbbpunct
_adj_fpatan
__p__commode
__set_app_type
_mbctoupper
_itow
_wenviron
_initterm
_amsg_exit
strcoll
_wcsnset
_setjmp3
__setusermatherr
gmtime
_putws
_ismbchira
_controlfp
atan
fgetpos
_copysign
_except_handler3
_filelengthi64
memcpy
_dup
_strncoll
ceil
strstr
_exit
_mbsnbcoll
_scalb
__p__fmode
_wstat64
_lseek
frexp
_spawnl
_adjust_fdiv
wcscoll
_wgetenv
_mbscoll
_wfindnext64
_acmdln
mktime
asctime
scanf
exit
__getmainargs
_XcptFilter

gdi32

GetObjectA
GetBkMode
DeleteDC
RectInRegion
SetBkColor
GetBkColor
SetTextAlign
BitBlt
EndPage
GetTextMetricsA
SelectObject
DeleteObject
StartDocA
CreateCompatibleDC
SaveDC
StartPage
SetROP2
ExtTextOutA
CreateRectRgnIndirect
SetTextColor

user32

IsDlgButtonChecked
MessageBoxA
CheckMenuItem
GetClassNameA
FindWindowA
SetTimer
ShowWindow
EnumChildWindows
EndDeferWindowPos
IsZoomed
GetWindowRect
GetPropA
GetUpdateRgn
ExitWindowsEx
DeleteMenu
GetWindowTextA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa2ecfca416bc9314ed66569359967f3

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 104KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 104KB

.rsrc
Size: 33KB - Virtual size: 32KB