ff38b67681ab7ed60197784cca17a6ef_JaffaCakes118

General

Target

ff38b67681ab7ed60197784cca17a6ef_JaffaCakes118
Size

160KB
MD5

ff38b67681ab7ed60197784cca17a6ef
SHA1

52e63b03fa6a6768a6cc5c179b99b11afb8adf00
SHA256

2c72d52cda31a00bef5086b79adfa68d1d205eab016ed99385f427b71331c81f
SHA512

c75cceb29d5ecc728e2f9c232cd9e525b48e6310761258b8bbf6d326dafff392be37012e86cefad095f32d3101be9e9b03bed3629b6909b59c50223049f85709
SSDEEP

3072:As0URtloYch5YTcNVFMqbsGJ7dVKXe814G+nPiJvuKg3n/cYjjYpq:AsTxoYch5YTcnXNdoe8Sznatm3n/jGq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff38b67681ab7ed60197784cca17a6ef_JaffaCakes118

Files

ff38b67681ab7ed60197784cca17a6ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a72d767893fbfbb031c988b8ff8bdc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
MultiByteToWideChar
LoadLibraryA
LCMapStringW
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeA
lstrlenA
VerLanguageNameA
ReadConsoleA
GetProcAddress
FreeConsole
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
GetStringTypeW

user32

MessageBoxA
GetWindowLongA
CreateMenu
UpdateWindow
ShowWindow
CallWindowProcA
CreateWindowExA
SetWindowLongA
IsWindow

gdi32

CreateCompatibleDC
CreateDIBitmap
GetFontData
DeleteDC
SelectPalette
TextOutA

comdlg32

PrintDlgA

shell32

ShellExecuteA
SHGetFileInfoA

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a72d767893fbfbb031c988b8ff8bdc0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 132KB - Virtual size: 130KB

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 132KB - Virtual size: 130KB