ae1f2a41824364027420e94ebbf860c4_JaffaCakes118

General

Target

ae1f2a41824364027420e94ebbf860c4_JaffaCakes118
Size

400KB
MD5

ae1f2a41824364027420e94ebbf860c4
SHA1

696b23a82bf2be51feaf8f99b29c604d62435a5b
SHA256

1fd9c228f377586e3264171f12cd821ee356546f02da5da527408bf7b2e9f460
SHA512

d66de84b3b3218eeb073715e92c94a92a66471a2c19acd08206a5a4aa3265a2127a808d3ef233bff2aea7304d63e2bb3c3fa2fbd8661d061bf69b7a52445a34c
SSDEEP

12288:ZRYoF9JsH4HIBl7i5vpmblLgTc5h9TRevdS:7+duBKgTcZ9S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae1f2a41824364027420e94ebbf860c4_JaffaCakes118

Files

ae1f2a41824364027420e94ebbf860c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

737fe5afb76b557da50df888542979ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
SetLastError
TlsFree
GetEnvironmentStrings
GetProcAddress
TlsGetValue
HeapReAlloc
UnhandledExceptionFilter
GetEnvironmentStringsW
IsBadWritePtr
GetCurrentProcessId
HeapAlloc
GetACP
GetSystemInfo
IsValidCodePage
GetModuleHandleA
TlsSetValue
WriteConsoleOutputCharacterA
DeleteCriticalSection
WriteFile
GetUserDefaultLCID
MultiByteToWideChar
GetLastError
LeaveCriticalSection
VirtualFree
FreeEnvironmentStringsW
HeapSize
EnumSystemLocalesA
CreateSemaphoreW
ExitProcess
GetTickCount
EnterCriticalSection
SetEnvironmentVariableA
HeapFree
GetStartupInfoA
GetModuleFileNameA
LCMapStringA
LoadLibraryA
QueryPerformanceCounter
GetOEMCP
VirtualAlloc
GetProcessAffinityMask
GetFileType
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStdHandle
GetTimeFormatA
HeapCreate
InitializeCriticalSection
CompareStringW
TlsAlloc
GetLocaleInfoA
GetSystemTimeAsFileTime
GetStringTypeA
GetCurrentThread
GlobalAlloc
GetStringTypeW
GetTimeZoneInformation
GetCommandLineA
WideCharToMultiByte
VirtualProtect
LCMapStringW
GetCPInfo
GetVersionExA
GetLocaleInfoW
FreeEnvironmentStringsA
SetHandleCount
GetDateFormatA
HeapDestroy
CompareStringA
InterlockedExchange

comdlg32

ReplaceTextW
GetSaveFileNameA
GetSaveFileNameW
ChooseColorA
PrintDlgA
LoadAlterBitmap
ChooseFontA

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 270KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

737fe5afb76b557da50df888542979ea

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 125KB - Virtual size: 124KB

.data Size: 270KB - Virtual size: 287KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 125KB - Virtual size: 124KB

.data
Size: 270KB - Virtual size: 287KB

.rsrc
Size: 4KB - Virtual size: 4KB