427d57a3d179adb775bfdfa465c494af_JaffaCakes118

General

Target

427d57a3d179adb775bfdfa465c494af_JaffaCakes118
Size

74KB
MD5

427d57a3d179adb775bfdfa465c494af
SHA1

dedaefd4d73bbef2beaccebdc57f2d18c7c34d05
SHA256

e86d1b75aed5d07e96738f9dfcaaeb61aeace8a50256ac0cfd45cd3b273cbb1d
SHA512

fc8ac0485fc8b3f1c2cf74a81770f6523479dcb01d32e121a7041c8ee9ed2a4b89ece62c69f091e103d7bbaae46bb283b966b87733ba98fb52d6a6770ee1dc81
SSDEEP

1536:CiGktvK/6gnvRCrk5PmYd4p5mm4Q9kJglmygdrJf/HopWiYb9Vdwfp+G:CZoK/lnpC4m1f4qxlwdFHSWJb9fO+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
427d57a3d179adb775bfdfa465c494af_JaffaCakes118

Files

427d57a3d179adb775bfdfa465c494af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ddeb1521db5e5b703bbe9a0ebb818c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
OutputDebugStringA
GetModuleHandleW
VerSetConditionMask
CompareStringA
FindNextChangeNotification
VirtualAlloc
FreeResource
ConvertDefaultLocale
FreeEnvironmentStringsW
GetBinaryTypeA
WritePrivateProfileSectionW
GetConsoleCP
GetShortPathNameA
LoadLibraryA
GetCurrentDirectoryA
GetConsoleCharType
VerLanguageNameW
AddAtomW
ExitProcess
RegisterWaitForSingleObject
GetExitCodeThread
GetModuleHandleA
GetEnvironmentStringsA
GetPrivateProfileStringW
WideCharToMultiByte
MapViewOfFile
CreateDirectoryExA
GetDriveTypeW
FreeLibraryAndExitThread

msvcrt

wcscspn
_lrotr
??_Gexception@@UAEPAXI@Z
_wtoi64
fputs
atexit
strerror
_wfindnext64
_mbscpy
_mbsncoll
_sys_errlist
exit
_mbbtombc
memcpy
_pctype
fputc
fwrite
_snprintf
fprintf
_ismbcdigit

user32

GetPropW
DialogBoxParamW
AppendMenuW
CopyRect
PostQuitMessage
AdjustWindowRect
OemToCharA
OffsetRect
MoveWindow
CheckRadioButton
LoadAcceleratorsW
GetWindowRect
LoadStringW
GetClientRect
ModifyMenuA
EnableMenuItem

Exports

Exports

ZuladkwFphwYyf
GbsQdsoywJajtDjih
GwdpjvwApfhfnOkaqnaCzn
OtehcKxgjhMtdzmxKoi

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ddeb1521db5e5b703bbe9a0ebb818c4

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 30KB - Virtual size: 29KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 30KB - Virtual size: 29KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 512B - Virtual size: 60B