a8b33490ae310ed8986db2996c0f422d_JaffaCakes118

General

Target

a8b33490ae310ed8986db2996c0f422d_JaffaCakes118
Size

469KB
MD5

a8b33490ae310ed8986db2996c0f422d
SHA1

1ce6f809920756a6f1ea0eff8a4b5ad79abd8bdc
SHA256

010b4d6192de57e672a393704d4cb4c6cf5a03f6ae25ccef78dc048c495f0cf8
SHA512

415a36f61d4426932e8d622080af4176abdb02556334ceb413fd7632b7a598119b3ac546d11d4086ccf7d16b1c2100a3c057eb26eda937bd6977746592334dce
SSDEEP

6144:h0ycLL6/e2nGbfJcqlWg774MnTowFNqhlB3Tx6F98UUeUOq3GYvAaNeJWrj1:WLL6moKfJDZv4MnToqUjBIeR3GPaNeJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8b33490ae310ed8986db2996c0f422d_JaffaCakes118

Files

a8b33490ae310ed8986db2996c0f422d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4950484a7da7d4f47bd283b951e32f37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
SetConsoleCtrlHandler
SetHandleCount
GetEnvironmentStrings
GetProcAddress
SetLastError
HeapReAlloc
Sleep
GetEnvironmentStringsW
InterlockedDecrement
GetCurrentProcessId
HeapAlloc
FreeLibrary
GetStringTypeW
UnhandledExceptionFilter
GetModuleHandleA
SetUnhandledExceptionFilter
GetACP
DeleteCriticalSection
TlsSetValue
GetUserDefaultLCID
LCMapStringW
GetLastError
LCMapStringA
TlsAlloc
FreeEnvironmentStringsW
HeapSize
EnumSystemLocalesA
LocalFileTimeToFileTime
ExitProcess
GetTickCount
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetProcessHeap
GetModuleFileNameA
IsValidCodePage
LoadLibraryA
QueryPerformanceCounter
GetOEMCP
VirtualAlloc
GetCurrentDirectoryW
GetFileType
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStartupInfoA
GetTimeFormatA
HeapCreate
VirtualFree
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetStdHandle
GetCurrentThread
DeleteAtom
GetStringTypeA
GetTimeZoneInformation
GetCommandLineA
WriteFile
TlsFree
IsValidLocale
GetCPInfo
GetVersionExA
WideCharToMultiByte
FreeEnvironmentStringsA
MultiByteToWideChar
GetDateFormatA
HeapDestroy
CompareStringA
InterlockedExchange
InterlockedIncrement
InitializeCriticalSection
GetLocaleInfoW
TlsGetValue

comdlg32

GetOpenFileNameW
GetSaveFileNameA
GetFileTitleW

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 345KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4950484a7da7d4f47bd283b951e32f37

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 112KB - Virtual size: 111KB

.data Size: 345KB - Virtual size: 343KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 112KB - Virtual size: 111KB

.data
Size: 345KB - Virtual size: 343KB

.rsrc
Size: 11KB - Virtual size: 11KB