302551b98803d932a238654bc25f6ee2_JaffaCakes118

General

Target

302551b98803d932a238654bc25f6ee2_JaffaCakes118
Size

427KB
MD5

302551b98803d932a238654bc25f6ee2
SHA1

3888f686ab4347d8dc37db02972a2c8b3ed6cb91
SHA256

e03a88db74332dbd5619ab63e49caa8e080b15866e2b9de3f559e9449b5f89b9
SHA512

d24d7df5ef34eb1a9dca9d84a5854421675866212a4f68fca1c6d036e77c40470e492242788aa3f37f77d6ed7946922cfd0d89c0a09d0cbc9aecd28676f0fbb2
SSDEEP

12288:RyLBYKSAB8Xg0o6DVbhvhxKeMTkBiPghS+28w7eVO:slLa+4vekPhS+nw7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302551b98803d932a238654bc25f6ee2_JaffaCakes118

Files

302551b98803d932a238654bc25f6ee2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ed609d6a59ecdf622f623fd12cfe0b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetSystemInfo
GetTimeZoneInformation
SetEnvironmentVariableA
GetProcAddress
GetUserDefaultLCID
HeapReAlloc
SetLastError
lstrcpyA
GetLocaleInfoA
GetCurrentProcessId
TlsFree
lstrcpynA
GetCPInfo
TlsGetValue
WideCharToMultiByte
GetVersionExA
VirtualAllocEx
TlsSetValue
WriteFile
GetCurrentThread
VirtualFree
CompareStringA
GetStartupInfoW
HeapDestroy
MoveFileW
GetFileType
WaitNamedPipeA
UnmapViewOfFile
ExitProcess
GetTickCount
FoldStringW
TlsAlloc
HeapFree
EnumSystemLocalesA
GetModuleFileNameA
GetOEMCP
LoadLibraryA
QueryPerformanceCounter
EnterCriticalSection
VirtualAlloc
GetVersion
OpenWaitableTimerA
VirtualProtect
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
FreeEnvironmentStringsA
GetCommandLineA
GetEnvironmentStrings
IsValidLocale
UnhandledExceptionFilter
GetTimeFormatA
CompareStringW
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
LocalCompact
ContinueDebugEvent
GetACP
GetCommandLineW
LCMapStringW
MultiByteToWideChar
HeapSize
GetStartupInfoA
FileTimeToSystemTime
GetDateFormatA
LCMapStringA
GetProcessAffinityMask
GetStringTypeW
SetHandleCount
GetEnvironmentStringsW
LeaveCriticalSection
InterlockedExchange
GetLocaleInfoW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
SystemTimeToFileTime
GetLongPathNameW
HeapCreate
GetStringTypeA
HeapAlloc
IsValidCodePage
EnumResourceLanguagesA
GlobalCompact
GetStdHandle
VirtualQuery
GetModuleHandleA
IsBadWritePtr

user32

GetClassInfoExA
AnyPopup
LoadKeyboardLayoutW
OffsetRect
DlgDirListA
DdeSetQualityOfService
CharLowerW
CharToOemA
UnregisterDeviceNotification

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ed609d6a59ecdf622f623fd12cfe0b1

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 144KB - Virtual size: 144KB

.data Size: 273KB - Virtual size: 273KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 144KB - Virtual size: 144KB

.data
Size: 273KB - Virtual size: 273KB

.rsrc
Size: 8KB - Virtual size: 7KB