8e8bed72ee974078c75e3595801455b2_JaffaCakes118

General

Target

8e8bed72ee974078c75e3595801455b2_JaffaCakes118
Size

928KB
MD5

8e8bed72ee974078c75e3595801455b2
SHA1

4ed04f9f0bdc340c0c5a85a4c57ecb90e9f35759
SHA256

9a4e16bbc3638595332de8da4cb54732e9e1995fcb06690b0cae0e55835eb0c4
SHA512

fedf9718f8256d5c8e79fece1c1359d922050842d621e05f95e3ced6869be8dbe2176ea86e8a2d07adce8dc5b286671f1eff98ac534d7dd774af818713ac7ca2
SSDEEP

24576:PoPlwAMPbU7RgfHRjLUieKpn8mii7/P7YqkB1d/eDj:gtwJoRYxjIi1dii/D3FDj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e8bed72ee974078c75e3595801455b2_JaffaCakes118

Files

8e8bed72ee974078c75e3595801455b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b96c0f76873bd879c82c9e53f3452bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WindowFromPoint
GetClipboardData
CreateAcceleratorTableW
wvsprintfW
SetWindowPlacement
IsCharAlphaW
IsDialogMessageA
IsCharLowerA
GetInputState
SetClipboardData
InsertMenuItemW
MonitorFromPoint
EndMenu
SubtractRect
EnableScrollBar
EndDialog
GetNextDlgTabItem
GetMenuItemRect
ReleaseDC
SetWindowTextA
MessageBoxIndirectW
LoadMenuIndirectW
ToUnicodeEx
DrawTextExA
ClipCursor

comdlg32

GetSaveFileNameA
FindTextW

kernel32

UnhandledExceptionFilter
SetHandleCount
FormatMessageA
GetOEMCP
DeleteFiber
FreeResource
PurgeComm
GetFileType
WriteFile
GetCurrentProcess
LocalAlloc
RemoveDirectoryW
DosDateTimeToFileTime
RaiseException
GetModuleFileNameW
MoveFileW
GlobalReAlloc
ExitProcess
GetCurrentDirectoryW
ScrollConsoleScreenBufferA
CreateDirectoryW
GlobalFlags
ExpandEnvironmentStringsW
GetTempFileNameA
FindFirstFileExW
VirtualQueryEx
GetAtomNameA
GetPrivateProfileSectionW

gdi32

InvertRgn
TextOutW
Chord
RoundRect
GetOutlineTextMetricsW
GetROP2
GetViewportOrgEx
GetObjectType
PlayEnhMetaFileRecord
CreateFontW

msvcrt

atol
longjmp
__p__environ
_mbsncmp
iswxdigit
_ismbcdigit
_popen
_read
_wstrdate
strtok
_spawnlp
wcslen
rename
_unlink
strtod
strtoul
strrchr
wcscat
towlower

Sections

.text
Size: 2KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 630KB - Virtual size: 630KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b96c0f76873bd879c82c9e53f3452bd

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

gdi32

msvcrt

Sections

.text Size: 2KB - Virtual size: 219KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 630KB - Virtual size: 630KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 219KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 630KB - Virtual size: 630KB

.rsrc
Size: 17KB - Virtual size: 16KB