3bde3926c558584fb50235d9ddec9b06_JaffaCakes118

General

Target

3bde3926c558584fb50235d9ddec9b06_JaffaCakes118
Size

496KB
MD5

3bde3926c558584fb50235d9ddec9b06
SHA1

27db9c61ee96a634e5f421b7b54fb5d335963461
SHA256

f5afdca0b572e66e226dca9d3b6816de050e1d8033731e324f8e06e0e0ab1dd2
SHA512

38a9395513b3d390196ea631b69bf024994819ff1b823a46363018cea1ca04a78aa9750fe25aa3dce4e79014b8fc5ddf5de079d8d16fb07db66c0a28ce76170b
SSDEEP

12288:oa9Ithu7E8OZBxlD0P9HJNW0BMXYr2+B4VI14SHJH1eIxkx7iCGy:PIZD9PxaFHbeI0Gy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bde3926c558584fb50235d9ddec9b06_JaffaCakes118

Files

3bde3926c558584fb50235d9ddec9b06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70b94f524e50874bc74e1a66f35c61f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
SetConsoleCtrlHandler
SetHandleCount
GetDateFormatA
GetProcAddress
SetLastError
HeapReAlloc
Sleep
GetEnvironmentStrings
InterlockedDecrement
GetCurrentProcessId
HeapAlloc
FreeLibrary
GetStringTypeA
UnhandledExceptionFilter
GetModuleHandleA
SetUnhandledExceptionFilter
GetDiskFreeSpaceExW
DeleteCriticalSection
TlsSetValue
GetTimeZoneInformation
LCMapStringW
GetFileType
LCMapStringA
TlsAlloc
FreeEnvironmentStringsW
HeapSize
EnumSystemLocalesA
GetNamedPipeInfo
ExitProcess
GetTickCount
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetModuleHandleW
GetModuleFileNameA
IsValidCodePage
LoadLibraryA
QueryPerformanceCounter
GetLocaleInfoW
VirtualAlloc
FileTimeToDosDateTime
GetEnvironmentStringsW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetOEMCP
GetStringTypeW
HeapCreate
VirtualFree
CompareStringW
SetEnvironmentVariableA
GetLastError
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
GetTempFileNameW
GetStdHandle
GetTimeFormatA
GetCPInfo
WriteFile
TlsFree
IsValidLocale
GetACP
GetUserDefaultLCID
WideCharToMultiByte
FreeEnvironmentStringsA
MultiByteToWideChar
GetCurrentThread
HeapDestroy
CompareStringA
InterlockedExchange
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
TlsGetValue

comdlg32

GetFileTitleA
ReplaceTextW
ChooseFontA
FindTextW

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70b94f524e50874bc74e1a66f35c61f3

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 175KB - Virtual size: 174KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 175KB - Virtual size: 174KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 7KB - Virtual size: 7KB