ff48154ce7041da2ef81e22a01660bdf_JaffaCakes118

General

Target

ff48154ce7041da2ef81e22a01660bdf_JaffaCakes118
Size

63KB
MD5

ff48154ce7041da2ef81e22a01660bdf
SHA1

f55bae5c41ee7fbbb70db76e9256ac512d8bb72e
SHA256

7f1b09226b103b0a08dee6b621ba87e6a301b794855fc2b6f78d63b2a341acf9
SHA512

ffbc0876a761f2836122f628b98065a9ff06d42e09eb4c35491bdf3ecc4310c3b71d177b56e1e6be460dbfd4d243953bc31bde3cbf1eba3a6abdc1e1f971140b
SSDEEP

1536:6Le4CVKIk3E4CpuHCjnCz4fuJ7YvfKG7GlcmiWPlzMeoW/2:CCVXk37+j84WJ0vfz7Oigz+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff48154ce7041da2ef81e22a01660bdf_JaffaCakes118

Files

ff48154ce7041da2ef81e22a01660bdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88760c772f9495271596caa6fdf2db8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
FindResourceW
CopyFileA
VirtualProtect
GetLastError
GetFileAttributesA
GetDiskFreeSpaceW
CreateDirectoryW
LoadLibraryA
GetCurrentDirectoryW
GetPrivateProfileIntW
DisableThreadLibraryCalls
GetModuleHandleA
LocalReAlloc
CreateDirectoryA
ExitProcess
VirtualAlloc
LocalHandle
GetVersionExW

msvcrt

_fgetwchar
_wcsdup
wcspbrk
_iob
isalnum
memcpy
_ismbcalnum
_control87
memcmp
__fpecode
_wexecve
getc
_environ
_mbsstr
_wctime
sprintf
_sys_nerr

user32

MessageBeep
ModifyMenuA
GetPropW
EnumChildWindows
LoadAcceleratorsW
LoadImageW
LoadStringA
LoadCursorFromFileA
TranslateAcceleratorW
EnableMenuItem

gdi32

GetNearestPaletteIndex
SetViewportExtEx
GetTextExtentExPointW
ExtCreatePen
CreateFontIndirectW
SetMapMode
MoveToEx
SetDIBitsToDevice
SetBkMode
CombineRgn

Exports

Exports

XegfartBctlohUo
QbpSqrgtbw

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88760c772f9495271596caa6fdf2db8a

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 13KB - Virtual size: 12KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 512B - Virtual size: 64B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 512B - Virtual size: 64B