e228d185c47138d1e0f3105940c268df_JaffaCakes118

General

Target

e228d185c47138d1e0f3105940c268df_JaffaCakes118
Size

273KB
MD5

e228d185c47138d1e0f3105940c268df
SHA1

83191385012692ae95ebe3352dd37e67c285c281
SHA256

c235ea9ed88326e617d3e789abf3e43bc76971ea625d45dabde21755fdb666f8
SHA512

f974efc3e3df4f5c4245ac41244ff33e86e03bee20bbda049dc13ea4dcafdbc195a47e9999dc49427fdbe020fdaede3b9ae9bf5819bef23111218b0139234662
SSDEEP

6144:Rdhsy2fVhDRevo52XFYuFy6DTGmsQpo5tdj2uYYa1lABLKA9yAR6QVPhgaJ8CZGZ:lsy6hDvqF8QpoJjFYkWjAR6QzgQ8C76Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e228d185c47138d1e0f3105940c268df_JaffaCakes118

Files

e228d185c47138d1e0f3105940c268df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f77897c8d7fd05ef5775cb608d9d10ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
GetFileTitleW
PrintDlgA
PageSetupDlgA

kernel32

GetCommandLineA
GetCurrentThread
GetOEMCP
CreateSemaphoreW
FreeEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
GetVersion
VirtualAlloc
HeapDestroy
TlsFree
GetCurrentProcessId
LCMapStringW
GetCurrentThreadId
LeaveCriticalSection
WriteFile
GetStdHandle
SetThreadPriority
lstrcmpi
GetTickCount
LoadLibraryA
CommConfigDialogW
LCMapStringA
SetConsoleCursorInfo
PulseEvent
GetSystemTimeAsFileTime
SetStdHandle
GetLastError
GetProcAddress
UnhandledExceptionFilter
OpenMutexW
VirtualFree
GetEnvironmentStringsW
GetModuleFileNameA
ExitProcess
GetStringTypeW
GetStartupInfoA
GetFileType
IsBadWritePtr
VirtualQuery
FoldStringA
DeleteCriticalSection
ReadConsoleInputW
HeapReAlloc
QueryPerformanceCounter
TlsAlloc
CreateWaitableTimerA
WideCharToMultiByte
GetModuleHandleA
GetConsoleTitleA
HeapAlloc
SetWaitableTimer
GetStringTypeA
InitializeCriticalSection
GetPrivateProfileStringA
MultiByteToWideChar
TlsGetValue
HeapFree
EnterCriticalSection
SetLastError
GetACP
GetProfileIntW
TlsSetValue
FreeEnvironmentStringsA
GetCPInfo
MapViewOfFileEx
InterlockedExchange
ReadConsoleOutputA
TerminateProcess
GetCurrentProcess
RtlUnwind
HeapCreate

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f77897c8d7fd05ef5775cb608d9d10ad

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 3KB - Virtual size: 19KB

.data Size: 168KB - Virtual size: 168KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 3KB - Virtual size: 19KB

.data
Size: 168KB - Virtual size: 168KB

.rsrc
Size: 3KB - Virtual size: 2KB