88d76e77c39f87023b638b533b4c922a_JaffaCakes118

General

Target

88d76e77c39f87023b638b533b4c922a_JaffaCakes118
Size

133KB
MD5

88d76e77c39f87023b638b533b4c922a
SHA1

b4ba2df3f33d096770891e8856659f04eeeab897
SHA256

361f2deb4c4232e6d938522e44fcf44ac4a1bd2a74f80b7bddc22ce6c3edda90
SHA512

3422e02a9a8f188f3d1865fd834f003fb4803ae9d5c2a6f087bb78e1454e45fbf8053fd7bd1eb3e2a7d0b2b5e797d89fd86d6afa5988b7f7dc97b3c1305f6f5f
SSDEEP

3072:l0rCk7ySSwBKale1K10yCaRkCEV8s8uO4CZmjwsOT14b2:GCk7zSwYale1K1UmDBTmMq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88d76e77c39f87023b638b533b4c922a_JaffaCakes118

Files

88d76e77c39f87023b638b533b4c922a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e17f3e5c0df81ea245677d62fb495450

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
FillConsoleOutputCharacterW
GlobalDeleteAtom
WriteConsoleOutputCharacterA
GetCurrentConsoleFont
GetLastError
GetSystemTimes
VirtualAlloc
GetCommState
GetVersionExA
VirtualLock
GetLocalTime
CloseConsoleHandle
GetCurrentDirectoryA
GetProcessShutdownParameters
CancelWaitableTimer
GetCurrentThread
GetComputerNameExA
GetSystemPowerStatus
FindFirstFileExA
DeleteTimerQueue
ResetEvent
GetConsoleTitleA
SetDllDirectoryA
GetCommandLineA
OpenSemaphoreA
GetDevicePowerState
GetFullPathNameA
GetVolumeInformationA
GetConsoleAliasesLengthA
ReadConsoleOutputCharacterA
VirtualFreeEx
SetLastConsoleEventActive
HeapFree
DuplicateHandle
SetLocaleInfoA
GlobalDeleteAtom
FindFirstFileExW
GetExitCodeProcess
PeekConsoleInputA

user32

UpdateLayeredWindow
GetClipCursor
EnumDisplaySettingsExA
CreatePopupMenu
AllowForegroundActivation
CreateIconFromResourceEx
IsCharUpperA
EditWndProc
EnumDisplayDevicesA
ChangeDisplaySettingsA
ReplyMessage
GetUpdateRect
SendMessageCallbackA
AttachThreadInput
CheckMenuRadioItem
GetWindowTextA
DialogBoxIndirectParamA
PostMessageA
BuildReasonArray
IsCharLowerA
SetDlgItemInt
TranslateMessage
CreateWindowStationW
IsGUIThread
EnumDesktopsA
GetWindowRgn
GrayStringA
FlashWindow
DestroyAcceleratorTable
GetClassLongA
CharLowerBuffA
LockWindowStation

Exports

Exports

Kpldfefu
ReadJepioekqine
Lwswurwms
ReadTetmaoisu
Ckebjighax
Qlanomxo
InitJcuwqhxohvb
Goqgxlqne
AddFtwppav
CloseXhisvkmpod
Lttyvqhlqr
Hobhmxbqmr
Fhqtdscmuxk
Lgmxhjf
Jagnprswatx
Qmgkbrjj
CreateLjkbjwxnu
Idlsxvqoac
Xsglkkuettx
Lelfdutamwj

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e17f3e5c0df81ea245677d62fb495450

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 79KB - Virtual size: 79KB

.idata Size: 2KB - Virtual size: 153KB

.rsrc Size: 50KB - Virtual size: 50KB

.text
Size: 79KB - Virtual size: 79KB

.idata
Size: 2KB - Virtual size: 153KB

.rsrc
Size: 50KB - Virtual size: 50KB