8bd862047546cf639f32e135482a703f_JaffaCakes118

General

Target

8bd862047546cf639f32e135482a703f_JaffaCakes118
Size

403KB
MD5

8bd862047546cf639f32e135482a703f
SHA1

6a7a6557cd399322e0649098384e405ac5b2861a
SHA256

fd39c8ca1c9353fa74099c0b570d9cf4f33d8ed6487abda16ac7d18f114a9ae2
SHA512

d4078802bcbbc0b1866d1775b4a2d31ec3b1f9c7b638aab22098e0d9a00b4580efc9fd5566f3d3fd7620534868e78798ec08635b96acb08e8089b1f002ad9a76
SSDEEP

12288:7wGniSVRJ4AGjhF9IUFHOih3ygK1/1vQ:7wGntV4dhnHOrZ11I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bd862047546cf639f32e135482a703f_JaffaCakes118

Files

8bd862047546cf639f32e135482a703f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9440c83aa710b09810dc4a4dcfc4266f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

OffsetViewportOrgEx
GetNearestPaletteIndex
InvertRgn

kernel32

TlsGetValue
RtlUnwind
GetACP
SetHandleCount
GetCommandLineA
TlsSetValue
GetModuleHandleA
LeaveCriticalSection
GetTempPathW
SetLastError
GetSystemTimeAsFileTime
EnterCriticalSection
FreeEnvironmentStringsW
GetOEMCP
GetStdHandle
HeapDestroy
VirtualFree
GetCurrentThread
InitializeCriticalSection
FreeEnvironmentStringsA
UnlockFile
ExitProcess
GetCurrentProcessId
SetConsoleMode
QueryPerformanceCounter
IsBadWritePtr
HeapReAlloc
WriteFile
TlsAlloc
GlobalFindAtomW
GetThreadContext
InterlockedExchange
LCMapStringA
GetModuleFileNameA
FillConsoleOutputCharacterA
WideCharToMultiByte
GetProcAddress
LCMapStringW
GetEnvironmentStringsW
GetTickCount
SetFilePointer
TerminateProcess
LocalAlloc
CreateProcessA
UnhandledExceptionFilter
GetVersion
MultiByteToWideChar
GetNamedPipeHandleStateA
HeapFree
ReadConsoleOutputW
LoadLibraryA
HeapAlloc
VirtualQuery
GetCurrentThreadId
GetStringTypeW
GetCPInfo
GetFileType
OutputDebugStringW
HeapCreate
lstrcmp
GetDiskFreeSpaceA
GetStartupInfoA
VirtualAlloc
CreateRemoteThread
GetLastError
DeleteCriticalSection
GetCurrentProcess
TlsFree
GetEnvironmentStrings
GetStringTypeA

comdlg32

PageSetupDlgW
ReplaceTextW

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9440c83aa710b09810dc4a4dcfc4266f

Headers

File Characteristics

Imports

gdi32

kernel32

comdlg32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 3KB - Virtual size: 30KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 3KB - Virtual size: 30KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 8KB - Virtual size: 7KB