ff524cb333788baf59370a906f64c728_JaffaCakes118

General

Target

ff524cb333788baf59370a906f64c728_JaffaCakes118
Size

423KB
MD5

ff524cb333788baf59370a906f64c728
SHA1

37e4ce3bd3a9349b512b0fb30e603e719c260f56
SHA256

4fb10cec7b098935c5f30ccbeb6a8193b1818f6e223c7f33f2b3ca4098e2f188
SHA512

aa6c6536dc38edd4f4a4a82b31848d6f4bb497c94fe8dde1493ac23e05be93e5cb43b310a5b4831d32a09f556e8031c22874fbaeff533d18d696bd63e219e101
SSDEEP

6144:+fYszFvUH5i4KIPXtq7qJbOkUSCVqvofavd3QBid6YOHA+fbOf1E5lc3qZ9ckL:+AQv4tPXcqJikSYvf10qMw93qr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff524cb333788baf59370a906f64c728_JaffaCakes118

Files

ff524cb333788baf59370a906f64c728_JaffaCakes118
.exe windows:4 windows x86 arch:x86

670026ad40249cb8dc8145492737d2e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
ReplaceTextW

kernel32

GetEnvironmentStrings
HeapCreate
GetFileType
FreeLibrary
InitializeCriticalSection
GetStdHandle
GetVersionExA
InterlockedIncrement
GetDateFormatA
SetConsoleCtrlHandler
QueryPerformanceCounter
GetACP
GetCPInfo
IsValidLocale
CompareStringW
LoadResource
GetCurrentThread
EnterCriticalSection
FreeEnvironmentStringsW
TlsGetValue
ExitProcess
HeapDestroy
CompareStringA
VirtualQuery
GetProcessHeap
GetLocaleInfoA
FreeEnvironmentStringsA
GetCurrentThreadId
GetCommandLineA
SetHandleCount
SetEnvironmentVariableA
GetCurrentProcess
LoadLibraryExA
GetTimeFormatA
GetStringTypeW
EnumSystemLocalesA
HeapAlloc
TlsFree
LCMapStringW
Sleep
GetLastError
GetEnvironmentStringsW
TerminateProcess
LCMapStringA
InterlockedDecrement
LoadLibraryA
HeapFree
SetLastError
GetCurrentProcessId
HeapReAlloc
DeleteCriticalSection
MultiByteToWideChar
GetStartupInfoA
SetUnhandledExceptionFilter
LeaveCriticalSection
GetModuleHandleA
GetTickCount
GetModuleFileNameA
InterlockedExchange
GetOEMCP
GetTimeZoneInformation
VirtualFree
IsValidCodePage
TlsSetValue
TlsAlloc
GetSystemTimeAsFileTime
VirtualAlloc
GetStringTypeA
lstrcpy
WideCharToMultiByte
UnhandledExceptionFilter
HeapSize
OpenProcess
IsDebuggerPresent
WriteFile
GetUserDefaultLCID
GetProcAddress
GetLocaleInfoW
RtlUnwind

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

670026ad40249cb8dc8145492737d2e3

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 8KB - Virtual size: 14KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 8KB - Virtual size: 14KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 8KB - Virtual size: 8KB