3800618ff1cdcbaa2f8a295f2563e959_JaffaCakes118

General

Target

3800618ff1cdcbaa2f8a295f2563e959_JaffaCakes118
Size

76KB
MD5

3800618ff1cdcbaa2f8a295f2563e959
SHA1

e9df0b33735e5a0b9708c0b86bb7810a356cac13
SHA256

9e0935b583d0a67f6ab0c0cbdc448c85a6ed5104d6d2ee1bf8e707ba6eadda6d
SHA512

fc3251afce99319a3afed690429c5ec8a5e7940a37eda8bee6b9ecb02ff7bafa32d84c71536e6b7c479ea5aa964fafbe5977ba019da88ec15e71972327600d65
SSDEEP

1536:2stJ+XJwNE6hOc7RrqPMp3wslGjVOiw7SdFTFf5KvKA34K44444a44U9:2stzEEOvUwslJiPgyA34K44444a44o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3800618ff1cdcbaa2f8a295f2563e959_JaffaCakes118

Files

3800618ff1cdcbaa2f8a295f2563e959_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a2958afc2955ca2506881e65ee56ec3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetCurrentProcess
GetExitCodeProcess
TerminateProcess
InitializeCriticalSection
GetLongPathNameW
GetConsoleMode
MoveFileW
GlobalSize
FindClose
lstrcpynW
GetSystemInfo
VirtualAlloc
GetProcAddress
LoadLibraryA
LCMapStringA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetACP
InterlockedExchange
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
ExitProcess
HeapAlloc
VirtualProtect
VirtualQuery
GetLastError
WideCharToMultiByte
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
RtlUnwind
LCMapStringW

user32

DispatchMessageW
ModifyMenuW
GetSubMenu

comdlg32

ChooseColorA
FindTextA
ReplaceTextW
GetOpenFileNameW
ChooseFontA
PageSetupDlgA

ole32

StgOpenAsyncDocfileOnIFillLockBytes

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a2958afc2955ca2506881e65ee56ec3

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 35KB - Virtual size: 39KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 35KB - Virtual size: 39KB

.rsrc
Size: 4KB - Virtual size: 4KB