fee083777dbf8c063db56257cce3de08_JaffaCakes118

General

Target

fee083777dbf8c063db56257cce3de08_JaffaCakes118
Size

387KB
MD5

fee083777dbf8c063db56257cce3de08
SHA1

fcfb3e031dd79ce9e293e54b41f3f7bf634c46b8
SHA256

9f106fe909d7b6f6334eaca0c82677cd4401df3532cc27807958cacfb1766653
SHA512

b413ef8ea0cf74899281bf1697cbab9e03abda5ed0536a5d32faaac7d501401fffaaf59bc60e2952101fd8992a48a305b61ebecb15f6a26496b0cb97533b0972
SSDEEP

12288:vMzqcdQrO8rgVInmWmWqwhhcWIwbqcM0:vMzrErocrMYW/wbnj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fee083777dbf8c063db56257cce3de08_JaffaCakes118

Files

fee083777dbf8c063db56257cce3de08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82f4507bdabf56ca699181c0a595d1b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
WriteFile
SetHandleCount
GetLastError
GetProcAddress
GetStringTypeW
HeapReAlloc
TlsAlloc
GetOEMCP
TlsSetValue
GetCurrentProcessId
HeapAlloc
GetCommandLineA
LCMapStringA
UnhandledExceptionFilter
GetModuleHandleA
GetACP
EnumDateFormatsExW
EnterCriticalSection
InterlockedExchange
MultiByteToWideChar
GetEnvironmentStrings
GetStdHandle
LeaveCriticalSection
GetFileType
GetCPInfo
TlsFree
FreeEnvironmentStringsW
WritePrivateProfileSectionW
ExitProcess
GetTickCount
FreeEnvironmentStringsA
VirtualProtect
HeapFree
HeapCreate
GetModuleFileNameA
WideCharToMultiByte
LoadLibraryA
QueryPerformanceCounter
GetVersion
VirtualAlloc
lstrlenA
GetStartupInfoA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
HeapDestroy
LCMapStringW
SetLastError
TlsGetValue
DeleteCriticalSection
GetCurrentThread
GetStringTypeA
GetSystemTimeAsFileTime
InitializeCriticalSection
GetEnvironmentStringsW
GetCalendarInfoW
IsBadWritePtr

comdlg32

PageSetupDlgA
FindTextA
ReplaceTextW
GetOpenFileNameA
GetFileTitleW
ChooseColorA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82f4507bdabf56ca699181c0a595d1b9

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 110KB - Virtual size: 109KB

.data Size: 268KB - Virtual size: 298KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 110KB - Virtual size: 109KB

.data
Size: 268KB - Virtual size: 298KB

.rsrc
Size: 8KB - Virtual size: 8KB