02db8c15b97a8b6a750e7586fc22aaab_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

02db8c15b97a8b6a750e7586fc22aaab_JaffaCakes118
Size

248KB
MD5

02db8c15b97a8b6a750e7586fc22aaab
SHA1

388ac3f9aed3fab1942ca250c72eb500b1975d49
SHA256

0e48c9aa40d8430c76f28b909bc302dbf09f06a555ff29e5c49f9a7956675b66
SHA512

94e7212345a278ec093a79b671e287594329ed6d29f346f0f28263f489f8c98a00e3b6caffe3934b96e6bcf093a50aa64505a4a4eec595a27767cb17482aa5c9
SSDEEP

6144:tItxC0cyZneVASMSDE6wJ4hEWVwO1w2I+/qcgIKraoC145tt3DhwTAuUuH:yPcyFJ5J4Si19q1Xc633DqTL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02db8c15b97a8b6a750e7586fc22aaab_JaffaCakes118

Files

02db8c15b97a8b6a750e7586fc22aaab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

357a7417754cbe3d5a2e70e888e76e54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetLastError
WriteFile
GetEnvironmentStrings
RtlUnwind
MultiByteToWideChar
GetDateFormatA
GetCurrentProcess
IsValidCodePage
VirtualAlloc
TlsSetValue
VirtualProtect
HeapReAlloc
HeapDestroy
EnterCriticalSection
HeapCreate
GetStdHandle
InterlockedExchange
GetModuleFileNameA
GetStringTypeW
LeaveCriticalSection
ExitProcess
GetTimeZoneInformation
LCMapStringW
SetLastError
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
IsValidLocale
GetStartupInfoA
TlsGetValue
QueryPerformanceCounter
DeleteCriticalSection
UnhandledExceptionFilter
GetCPInfo
VirtualQuery
GetCurrentThreadId
GetOEMCP
HeapAlloc
InitializeCriticalSection
HeapFree
CompareStringA
TerminateProcess
GetCurrentProcessId
GetCurrentThread
SetEnvironmentVariableA
LCMapStringA
GetFileAttributesW
TlsFree
GetLocaleInfoW
GetUserDefaultLCID
SetHandleCount
GetStringTypeA
VirtualFree
WideCharToMultiByte
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetModuleHandleA
EnumSystemLocalesA
GetTimeFormatA
GetCommandLineA
CompareStringW
IsBadWritePtr
GetACP
FreeEnvironmentStringsW
GetLocaleInfoA
TlsAlloc
GetProcAddress
GetVersionExA
HeapSize
GetFileType

user32

MonitorFromRect
DispatchMessageW
GetWindowTextLengthA
GetIconInfo
SetMessageExtraInfo
SendInput
FrameRect
MsgWaitForMultipleObjects
TranslateAccelerator
DestroyWindow
SetMenuContextHelpId
GetKeyNameTextA
MessageBoxIndirectA
CreateMDIWindowA
SetMenu

comdlg32

GetOpenFileNameA
GetOpenFileNameW
ChooseFontW
PrintDlgW
ChooseColorW
GetSaveFileNameA
ReplaceTextA
PageSetupDlgA
PageSetupDlgW
GetFileTitleA
LoadAlterBitmap
GetFileTitleW

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

357a7417754cbe3d5a2e70e888e76e54

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

Sections

.text Size: 132KB - Virtual size: 132KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 132KB - Virtual size: 132KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 5KB - Virtual size: 4KB