b7b9b898721044c4b22432669d831240_JaffaCakes118

General

Target

b7b9b898721044c4b22432669d831240_JaffaCakes118
Size

433KB
MD5

b7b9b898721044c4b22432669d831240
SHA1

c63a7f4250f9ba9af5a522965c9fd1c53804a5de
SHA256

5f786997afe39d9a963102147ee62edb41718dbc1d4ab7c4bb351d4f180ca34c
SHA512

cde2291c1120eedf092531e7f2be2524d44b370202dd559e5352a592e1228f0def088143febb11f2d131dfce5929a0956d2f2a009ead2dfb5ced05508842bfe9
SSDEEP

12288:6YE5I7aJjKJ5DQuCr4X06rHas7B/7V9ZKdDIxuEw7D/7P/Jhb:6YB7pZKdDOw7b7Jhb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7b9b898721044c4b22432669d831240_JaffaCakes118

Files

b7b9b898721044c4b22432669d831240_JaffaCakes118
.exe windows:4 windows x86 arch:x86

223ecd490be2a8c2ddc08bdddc83064d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
LCMapStringA
LeaveCriticalSection
UnhandledExceptionFilter
GetProcAddress
MultiByteToWideChar
HeapReAlloc
WideCharToMultiByte
GetDateFormatA
HeapCreate
GetCurrentProcessId
HeapAlloc
FreeEnvironmentStringsW
GetStartupInfoA
TlsAlloc
GetModuleHandleA
SetConsoleCtrlHandler
FileTimeToSystemTime
CompareStringW
Sleep
GetStringTypeA
IsDebuggerPresent
GetEnvironmentStringsW
InterlockedIncrement
SetHandleCount
FreeEnvironmentStringsA
GetUserDefaultLCID
EnterCriticalSection
GetACP
ExitProcess
GetTickCount
DeleteCriticalSection
WriteFile
HeapFree
GetLocaleInfoW
GetModuleFileNameA
InitializeCriticalSection
LoadLibraryA
QueryPerformanceCounter
GetLocaleInfoA
VirtualAlloc
GetModuleHandleW
GetEnvironmentStrings
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetModuleFileNameW
GetStartupInfoW
GetTimeFormatA
TlsFree
CompareStringA
LCMapStringW
GetFileType
GetSystemTimeAsFileTime
GetOEMCP
GetCommandLineA
GetFileAttributesA
GetProcessHeap
GetStdHandle
GetCPInfo
TlsSetValue
SetLastError
InterlockedDecrement
FreeLibrary
GetStringTypeW
TlsGetValue
EnumSystemLocalesA
IsValidLocale
VirtualFree
GetTimeZoneInformation
GetStringTypeExA
InterlockedExchange
HeapDestroy
GetVersionExA
GetLastError
SetUnhandledExceptionFilter
GetCurrentThread
GetCommandLineW
SetEnvironmentVariableA
IsValidCodePage

comdlg32

PageSetupDlgW
GetFileTitleA

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

223ecd490be2a8c2ddc08bdddc83064d

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 276KB - Virtual size: 288KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 276KB - Virtual size: 288KB

.rsrc
Size: 10KB - Virtual size: 10KB