301da209e54bc9a521140bd183cad91b_JaffaCakes118

General

Target

301da209e54bc9a521140bd183cad91b_JaffaCakes118
Size

456KB
MD5

301da209e54bc9a521140bd183cad91b
SHA1

f4218564438e2b4edf66d85f488c7eede4897469
SHA256

ac17d8cb7f3680ced66a3f4631236627c65df25259e39f9db8546fd73ffdcdad
SHA512

59968921f255daa1a5f2bdf25150eb1f1ed3ac9ed5dabf8026b7c8a3c40acb89abad8b07b1da40eb4093284505ad839a9ce3f01b72b2ecdbc58f5e3e5805c7bb
SSDEEP

12288:ned7/edl15bVwf960aYv524vHPIr8sViaEm:nZFwjvv68sVia

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
301da209e54bc9a521140bd183cad91b_JaffaCakes118

Files

301da209e54bc9a521140bd183cad91b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a554d65cc400378a2aeef10bd049fac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
InitializeCriticalSection
IsValidCodePage
TlsSetValue
GetProcAddress
IsValidLocale
HeapReAlloc
VirtualFree
FreeEnvironmentStringsW
GetStringTypeW
GetCurrentProcessId
WideCharToMultiByte
CompareStringA
GetLastError
WriteFile
GetModuleHandleA
LCMapStringA
IsBadReadPtr
Sleep
SetHandleCount
GetModuleFileNameW
HeapCreate
GetCPInfo
GetVersionExA
LeaveCriticalSection
GetConsoleTitleW
GetStdHandle
GetShortPathNameW
lstrcpynW
ExitProcess
GetTickCount
GetSystemDefaultLangID
VirtualProtect
HeapFree
GetDateFormatA
GetModuleFileNameA
GetTimeZoneInformation
LoadLibraryA
QueryPerformanceCounter
GetCurrentThread
VirtualAlloc
AddAtomW
GetACP
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetEnvironmentStrings
GetLocaleInfoA
GetStartupInfoA
TlsAlloc
AddAtomA
IsBadWritePtr
GetCommandLineA
GetSystemTimeAsFileTime
GetEnvironmentStringsW
EnterCriticalSection
GetLogicalDriveStringsW
GetFileType
GetLocaleInfoW
DeleteCriticalSection
TlsGetValue
MultiByteToWideChar
GetUserDefaultLCID
CompareStringW
GetOEMCP
TlsFree
GetThreadPriorityBoost
HeapSize
UnhandledExceptionFilter
GetStartupInfoW
TransactNamedPipe
InterlockedExchange
GetSystemInfo
GetStringTypeA
GetCommandLineW
SetEnvironmentVariableA
FreeEnvironmentStringsA
EnumSystemLocalesA
LCMapStringW
HeapDestroy
HeapAlloc
SetLastError

comdlg32

PageSetupDlgA
GetOpenFileNameA
PageSetupDlgW
GetSaveFileNameW
GetSaveFileNameA
ChooseColorA
ReplaceTextW
FindTextA
ChooseFontA
PrintDlgA
ChooseFontW
GetOpenFileNameW
ReplaceTextA
GetFileTitleA
GetFileTitleW

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a554d65cc400378a2aeef10bd049fac

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 137KB - Virtual size: 137KB

.data Size: 308KB - Virtual size: 307KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 308KB - Virtual size: 307KB

.rsrc
Size: 9KB - Virtual size: 9KB