93dbe1102fa9255a734f52a4af1a2cb4_JaffaCakes118

General

Target

93dbe1102fa9255a734f52a4af1a2cb4_JaffaCakes118
Size

394KB
MD5

93dbe1102fa9255a734f52a4af1a2cb4
SHA1

e7e3345001742d3f5fb286e775c25eeb344018a4
SHA256

9c83bca21ad59bf8491fb0d08c53d443f2ab0776ba1879d8726e06e91423efae
SHA512

98dd746fdbcea0ca336e161b00dcb32cc1fa7850ed7b8b06392b1d02163e2950013471beb4056cba8fa3049a1ad0d47d5c5e89e5887d3892fcafec2d320819d3
SSDEEP

6144:XV/m1lzHsclHsZCBOONk9XfXVj/4AhylbI2RE0+wBXeYtk5u9ErvU1ddSdj:pqzHBlHsEBOONWWBltuhwBOfu2rv+dS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93dbe1102fa9255a734f52a4af1a2cb4_JaffaCakes118

Files

93dbe1102fa9255a734f52a4af1a2cb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9780cd6ebc43f0608cdb4b77d34100d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
UnhandledExceptionFilter
TransmitCommChar
DeleteCriticalSection
SetHandleCount
GetCPInfo
HeapAlloc
LoadLibraryA
GetEnvironmentStringsW
IsBadWritePtr
EnterCriticalSection
SetFileAttributesW
GetACP
GetStdHandle
InterlockedExchange
GetTickCount
GetOEMCP
TlsFree
TlsGetValue
FreeEnvironmentStringsA
InitializeCriticalSection
HeapCreate
TlsSetValue
HeapDestroy
FindFirstFileExA
WriteFile
LeaveCriticalSection
TlsAlloc
GetProcAddress
GetCurrentThread
SetLastError
HeapFree
FindFirstFileExW
GetVersion
ReadConsoleOutputAttribute
GetStringTypeW
VirtualQuery
GetFileType
LCMapStringW
GetSystemTimeAsFileTime
GetStartupInfoA
GetCurrentProcessId
GetEnvironmentStrings
MultiByteToWideChar
HeapReAlloc
WideCharToMultiByte
ExitProcess
GetCommandLineA
FreeEnvironmentStringsW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
GetStringTypeA
GetModuleHandleA
LCMapStringA
GetModuleFileNameA
SetThreadPriority
GetCurrentThreadId
RtlUnwind
VirtualFree

user32

GetProcessWindowStation
CheckRadioButton
IsCharAlphaNumericA
WindowFromPoint
LoadCursorFromFileA
SetMenuItemInfoA
LoadAcceleratorsW
GetWindowTextA
SetDlgItemTextW
MonitorFromWindow
SetPropW
DdeQueryStringW
GetKBCodePage
SetDoubleClickTime
MapVirtualKeyExA
DragObject

shell32

FindExecutableW
SHFileOperationW
ExtractAssociatedIconA
RealShellExecuteA
SHGetSpecialFolderPathA
DuplicateIcon
SHFileOperationA

comdlg32

PageSetupDlgA
GetFileTitleA
GetSaveFileNameW
GetSaveFileNameA
LoadAlterBitmap
FindTextA

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9780cd6ebc43f0608cdb4b77d34100d4

Headers

File Characteristics

Imports

kernel32

user32

shell32

comdlg32

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 265KB - Virtual size: 281KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 265KB - Virtual size: 281KB

.rsrc
Size: 12KB - Virtual size: 11KB