a8eb331b6632c2cc901f789d9ad32611_JaffaCakes118

General

Target

a8eb331b6632c2cc901f789d9ad32611_JaffaCakes118
Size

409KB
MD5

a8eb331b6632c2cc901f789d9ad32611
SHA1

31052087301f74dd1411d9e21100a73accc61789
SHA256

17cd4e3a1af902327be0b8b0e70e63239816435be3565f531ad3984af8882b82
SHA512

64a717b934eb5eb1c1f8cb9b74503c8f767f3bc5803d165c848594ac3039a6be98407bc0faae4e37b47a72e7d6017c8ba0d9dc2d68714abd530f95748063a97b
SSDEEP

12288:q5mzb9bUIG7FtpgaN4knP8HRUN6AAaV1uPMrBenUQf:tX5Uvby9knwRUUXaVhA/f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8eb331b6632c2cc901f789d9ad32611_JaffaCakes118

Files

a8eb331b6632c2cc901f789d9ad32611_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4b3f3310e7536e88178ba3bf0831679

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
EnterCriticalSection
FreeEnvironmentStringsA
GetACP
TlsGetValue
GetEnvironmentStringsW
HeapAlloc
LoadLibraryA
GetStartupInfoA
MultiByteToWideChar
GetCPInfo
DeleteCriticalSection
GetEnvironmentStrings
HeapCreate
InterlockedExchange
GetTickCount
GetStringTypeW
VirtualFree
WideCharToMultiByte
GetCommandLineA
LeaveCriticalSection
LCMapStringA
WriteFile
LCMapStringW
OpenProcess
GetCurrentThreadId
TlsAlloc
UnhandledExceptionFilter
GetProcAddress
GetLastError
TlsSetValue
HeapFree
FreeEnvironmentStringsW
IsBadWritePtr
WaitForMultipleObjectsEx
InitializeCriticalSection
VirtualQuery
GetStdHandle
SetLastError
GetSystemTimeAsFileTime
GetVersion
GetCurrentProcessId
GetOEMCP
TlsFree
HeapReAlloc
RtlUnwind
ExitProcess
GetFileType
GetCurrentThread
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
HeapDestroy
GetModuleHandleA
SetHandleCount
GetModuleFileNameA

wininet

IsUrlCacheEntryExpiredW
InternetCloseHandle

advapi32

RegSetValueExA
CryptSetKeyParam
StartServiceA

comdlg32

ChooseFontW
GetSaveFileNameW
ReplaceTextA
PrintDlgA
ReplaceTextW
PrintDlgW
GetOpenFileNameA
ChooseColorW
ChooseFontA

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4b3f3310e7536e88178ba3bf0831679

Headers

File Characteristics

Imports

kernel32

wininet

advapi32

comdlg32

Sections

.text Size: 130KB - Virtual size: 130KB

.data Size: 268KB - Virtual size: 287KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 130KB - Virtual size: 130KB

.data
Size: 268KB - Virtual size: 287KB

.rsrc
Size: 9KB - Virtual size: 8KB