02c9a195c9aa00faea7db357cd41ce8a_JaffaCakes118

General

Target

02c9a195c9aa00faea7db357cd41ce8a_JaffaCakes118
Size

433KB
MD5

02c9a195c9aa00faea7db357cd41ce8a
SHA1

51b6fe0633af83f1f7c94c4fee243253623419c0
SHA256

d28870fa37ba6a284562f0b54b137e9922729d8478cf6383c28e50e4b74cecc7
SHA512

f00d47050a0b6ac16f96541de5ef029a97f4b3edf387b7c0ecd4b4fb44078e3a84354847e7c012054959f3145e2e775b0544538063b8125d2f59775174b0e8ba
SSDEEP

12288:4KmFSs6Xw718MyXk6/FDj4fMttcuRfZQajeV:4aI18bXk6qfKxaV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02c9a195c9aa00faea7db357cd41ce8a_JaffaCakes118

Files

02c9a195c9aa00faea7db357cd41ce8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3ac43453c50b5399e267b0585d76905

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
LCMapStringW
MultiByteToWideChar
VirtualFree
GetProcAddress
SetConsoleCtrlHandler
HeapReAlloc
WriteFile
GetCPInfo
HeapDestroy
GetCurrentProcessId
HeapAlloc
EnterCriticalSection
GetOEMCP
TlsFree
GetModuleHandleA
SetEnvironmentVariableA
GetVersionExW
SetFileTime
TlsAlloc
GetStringTypeA
IsValidCodePage
GetDateFormatA
IsDebuggerPresent
SetLastError
DeleteCriticalSection
GetUserDefaultLCID
CompareStringA
GetConsoleCursorInfo
ExitProcess
GetTickCount
FlushFileBuffers
IsValidLocale
HeapFree
GetLastError
GetModuleFileNameA
InterlockedDecrement
LoadLibraryA
QueryPerformanceCounter
GetFileType
VirtualAlloc
FindResourceA
GetCommandLineA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetLocaleInfoA
GetStartupInfoA
GetTimeFormatA
TlsGetValue
FileTimeToSystemTime
LeaveCriticalSection
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetLocaleInfoW
FreeEnvironmentStringsW
WritePrivateProfileSectionW
GetModuleHandleW
GetStdHandle
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedIncrement
EnumSystemLocalesA
GetStringTypeW
TlsSetValue
CompareStringW
LCMapStringA
WideCharToMultiByte
GetTimeZoneInformation
GetCurrentThread
InterlockedExchange
HeapSize
HeapCreate
GetEnvironmentStringsW
Sleep
GetACP
FreeLibrary
SetHandleCount

comdlg32

ReplaceTextW
PrintDlgW
PageSetupDlgW
GetFileTitleA
ChooseFontA
ChooseFontW
PageSetupDlgA
FindTextW
PrintDlgA
FindTextA
GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3ac43453c50b5399e267b0585d76905

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 111KB - Virtual size: 110KB

.data Size: 309KB - Virtual size: 317KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 111KB - Virtual size: 110KB

.data
Size: 309KB - Virtual size: 317KB

.rsrc
Size: 11KB - Virtual size: 11KB