08de4a43f1da8051c775841f38e5be32_JaffaCakes118

General

Target

08de4a43f1da8051c775841f38e5be32_JaffaCakes118
Size

235KB
MD5

08de4a43f1da8051c775841f38e5be32
SHA1

4e30f11a89f2452423b262b569bdbd9f7c7177f9
SHA256

11d92adb54bdba63dce9ab5222b9a788e3e4aafd364dfedc22ea466351ae3989
SHA512

5fb59561000fb119473f25ac155caf6c641ef2b29e0bc4482a73673e669d12cf2d3b6cdbaf3fb7ae55d11d9b1c4c26ca13d45b169adfe9194dae43558aed39b0
SSDEEP

6144:5pYXwNrTNHSbRimHEMQEPIZghyit3JW3NzaZCD:5pjNrRHScjMRI+TZW3Nz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08de4a43f1da8051c775841f38e5be32_JaffaCakes118

Files

08de4a43f1da8051c775841f38e5be32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13c1466a8aa5f2e59a4663a63bdfe491

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetCPInfo
SetConsoleCtrlHandler
FreeEnvironmentStringsW
RtlUnwind
HeapDestroy
FreeEnvironmentStringsA
GetCurrentProcess
GetTimeFormatA
VirtualAlloc
SetLastError
LeaveCriticalSection
HeapReAlloc
GetStartupInfoW
FindAtomA
GetStartupInfoA
GetEnvironmentStringsW
SetHandleCount
GetModuleFileNameA
GetLastError
HeapCreate
ExitProcess
GetModuleFileNameW
GetVersionExA
InterlockedDecrement
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetEnvironmentStrings
IsValidCodePage
QueryPerformanceCounter
WriteFile
TlsFree
DeleteCriticalSection
TlsAlloc
VirtualFree
GetCurrentThread
HeapAlloc
GetStringTypeA
HeapFree
GetNumberFormatW
SetUnhandledExceptionFilter
GetCurrentProcessId
EnumSystemLocalesA
HeapSize
GetUserDefaultLCID
TlsSetValue
IsDebuggerPresent
GetCommandLineW
GetOEMCP
InitializeCriticalSection
GetFileType
LCMapStringW
TlsGetValue
GetExitCodeProcess
FreeLibrary
GetModuleHandleA
FreeResource
GetLocaleInfoW
EnterCriticalSection
CreateToolhelp32Snapshot
Sleep
CompareStringW
CompareStringA
GetCommandLineA
InterlockedIncrement
GetProcAddress
GetProcessHeap
GetStdHandle
GetACP
MultiByteToWideChar
InterlockedExchange
IsValidLocale
TerminateProcess
GetStringTypeW
VirtualQuery
WideCharToMultiByte
UnhandledExceptionFilter
LocalFree
SetEnvironmentVariableA
GetCurrentThreadId
LCMapStringA
GetDateFormatA

wininet

CreateUrlCacheContainerA
ShowX509EncodedCertificate

comdlg32

PrintDlgW
ChooseColorA
FindTextA
PageSetupDlgW
FindTextW
PrintDlgA
ChooseFontW

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13c1466a8aa5f2e59a4663a63bdfe491

Headers

File Characteristics

Imports

kernel32

wininet

comdlg32

Sections

.text Size: 115KB - Virtual size: 115KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 115KB - Virtual size: 115KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 5KB - Virtual size: 4KB