b812d2c7190184a289a770e974761d84_JaffaCakes118

General

Target

b812d2c7190184a289a770e974761d84_JaffaCakes118
Size

428KB
MD5

b812d2c7190184a289a770e974761d84
SHA1

cfc3aa9e2a94aee3e35ad2d1e645264056456ee8
SHA256

9765590166ce94be3066dc907392d22cb8d388c7fc5a11a5766948809c7806ca
SHA512

6544f0e22d3f8256572d4511d63f1012a2e96beab748c0ca0e0981429461c874c41d13d657f79db575f6a751ea5f4a7f12d897d9e49dfb678c325c709eac0c7f
SSDEEP

12288:JefzgDdv7q1AbqsyfTBvypMqFeQs2AGx:8h1AbMEH0De

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b812d2c7190184a289a770e974761d84_JaffaCakes118

Files

b812d2c7190184a289a770e974761d84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0da4649305a529c27c5260bc98e2b57a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
SetConsoleCtrlHandler
SetHandleCount
GetEnvironmentStrings
GetProcAddress
SetLastError
HeapReAlloc
Sleep
GetEnvironmentStringsW
InterlockedDecrement
GetCurrentProcessId
HeapAlloc
GetACP
GetStringTypeW
UnhandledExceptionFilter
GetModuleHandleA
SetUnhandledExceptionFilter
GetDriveTypeW
EnterCriticalSection
TlsSetValue
GetUserDefaultLCID
LCMapStringW
GetLastError
LCMapStringA
TlsAlloc
FreeLibrary
HeapSize
FreeEnvironmentStringsA
ReadConsoleOutputW
ExitProcess
GetTickCount
EnumSystemLocalesA
LeaveCriticalSection
HeapFree
GetProcessHeap
GetModuleFileNameA
IsValidCodePage
LoadLibraryA
QueryPerformanceCounter
GetOEMCP
VirtualAlloc
CompareStringA
GetFileType
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStartupInfoA
GetTimeFormatA
HeapCreate
VirtualFree
DeleteCriticalSection
SetEnvironmentVariableA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetStdHandle
GetCurrentThread
GlobalAddAtomA
GetStringTypeA
GetTimeZoneInformation
GetCommandLineA
WriteFile
TlsFree
IsValidLocale
GetCPInfo
GetVersionExA
WideCharToMultiByte
FreeEnvironmentStringsW
MultiByteToWideChar
GetDateFormatA
HeapDestroy
CompareStringW
InterlockedExchange
InterlockedIncrement
InitializeCriticalSection
GetLocaleInfoW
TlsGetValue

comdlg32

GetOpenFileNameA
GetSaveFileNameA
LoadAlterBitmap
GetFileTitleW
FindTextA
ReplaceTextA
PrintDlgW
GetSaveFileNameW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0da4649305a529c27c5260bc98e2b57a

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 106KB - Virtual size: 105KB

.data Size: 310KB - Virtual size: 328KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 106KB - Virtual size: 105KB

.data
Size: 310KB - Virtual size: 328KB

.rsrc
Size: 11KB - Virtual size: 10KB