37e7b2df8fa7e6b32cbc7fe0d812fe57_JaffaCakes118

General

Target

37e7b2df8fa7e6b32cbc7fe0d812fe57_JaffaCakes118
Size

89KB
MD5

37e7b2df8fa7e6b32cbc7fe0d812fe57
SHA1

bb446f747f9a09f1891d86e093caeab7b8ba5542
SHA256

e035f9fb351a75868904e8330e53940337b30e15e4dc596042a1373e70fb4616
SHA512

c4f231955bcbbb93b457d06f57f72e8a0ae6afc2bff9750d59230f078806d90d7f1a42f74aed7283a4d96f88de3f21e428da71f9f83242696c3e849cfb8552dc
SSDEEP

1536:YBEzylH98+Hdesphc4Giz2nMOyglFh1JmnMOyglFh1J9jmLdN8IVQLmv28XWNf/c:aGy99Nem7HUY9aLj8IIOLi/g2g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e7b2df8fa7e6b32cbc7fe0d812fe57_JaffaCakes118

Files

37e7b2df8fa7e6b32cbc7fe0d812fe57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2ea10d9bbe50ceb75142aadc47c6db8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetLogicalDrives
VirtualAlloc
RaiseException
FlushViewOfFile
RtlFillMemory
GetModuleHandleA
SizeofResource
MapViewOfFile
DeleteCriticalSection
SetUnhandledExceptionFilter
QueryPerformanceFrequency
ExitProcess
RemoveDirectoryA
GetLastError
LoadLibraryA
GetCPInfo
OutputDebugStringA
GetProfileIntA
GetWindowsDirectoryW
GetStdHandle
GetBinaryType
GetExitCodeThread
GetCPInfoExW
HeapDestroy
CreateMutexA
IsBadCodePtr
CopyFileA
GetModuleHandleW

msvcrt

_strset
memcpy
__toascii
fwrite
_wtoi64
fputc
_sleep
_abnormal_termination
_wspawnvp
vprintf
_wctime64

user32

LoadStringW
GetProcessDefaultLayout
ModifyMenuA
MoveWindow
IntersectRect
GetWindowTextLengthW
CheckMenuItem
AdjustWindowRect
IsWindowEnabled
SetCursor
SetFocus
GetDC
OemToCharA

Exports

Exports

IzThdlhPsvvpSbqerMx
OqupigVltrarZynn
EuIddszBtmgwhbTahcom
RxNwievPa
YfijasqJf

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2ea10d9bbe50ceb75142aadc47c6db8

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 22KB

.rsrc Size: 59KB - Virtual size: 59KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 59KB - Virtual size: 59KB

.reloc
Size: 512B - Virtual size: 60B