3fcf5313e81e6fa45ece3643d70b623d_JaffaCakes118

General

Target

3fcf5313e81e6fa45ece3643d70b623d_JaffaCakes118
Size

89KB
MD5

3fcf5313e81e6fa45ece3643d70b623d
SHA1

0a682461c64d47cc0a6da2d402a1e2716299b008
SHA256

1de205f7941dfdbe365777186c811b84285dbd7df9425af7ce0af779707b91e9
SHA512

2b22af091a25b24f1d206e4ec9e470e67e15561345d1a4c996bcba17a2ffbda2eab97bd8ddae610ff01b8d3f466cc2d0640184d52dbb2bf0ef05e3cbdfe99c2a
SSDEEP

1536:opUVkjkiLHSr2TjCctoiz2nMOyglFh1JmnMOyglFh1J69S3UMkrYRWcsVgMtTP5N:iy0Ly662UY68k1xxtD7fpB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fcf5313e81e6fa45ece3643d70b623d_JaffaCakes118

Files

3fcf5313e81e6fa45ece3643d70b623d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ecd5a55093a7451213a9cf014bbc4813

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
GetProfileSectionA
GetFullPathNameA
GetLastError
WaitForSingleObjectEx
LoadLibraryA
UnlockFileEx
IsBadHugeReadPtr
GetExitCodeThread
GetUserDefaultUILanguage
OpenSemaphoreW
EnumResourceTypesA
SetEndOfFile
IsValidCodePage
EnumResourceNamesA
ExitProcess
VirtualAlloc
MapViewOfFile
DeleteAtom
GetPrivateProfileStringA
OutputDebugStringA
GetModuleHandleA
GetQueuedCompletionStatus
GetCPInfo
GetCPInfoExW

msvcrt

_adj_fpatan
memcpy
__p__environ
_aexit_rtn
??3@YAXPAX@Z
??_Gexception@@UAEPAXI@Z
wcspbrk
_outp
_strrev
_abnormal_termination
_mbctohira
perror
__p__osver
modf
fputc
_wcsrev
fwrite
_wfindnext
_strnicoll
_wremove
atoi

user32

SetClassLongW
LoadStringW
GetWindowPlacement
GetMenu
OffsetRect
AdjustWindowRect
EndDialog
LoadCursorW
CheckRadioButton
EmptyClipboard
ModifyMenuA
OemToCharA

Exports

Exports

NypltKbu
LqGhaozw
GhqpHgppfbQxzhWy

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 58B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecd5a55093a7451213a9cf014bbc4813

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 59KB - Virtual size: 59KB

.reloc Size: 512B - Virtual size: 58B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 59KB - Virtual size: 59KB

.reloc
Size: 512B - Virtual size: 58B