440a8d57512b3d4e953e2ec5b3d46e97_JaffaCakes118

General

Target

440a8d57512b3d4e953e2ec5b3d46e97_JaffaCakes118
Size

169KB
MD5

440a8d57512b3d4e953e2ec5b3d46e97
SHA1

eb0d33e4d1e101c5cacda6e887f272fd3739ccca
SHA256

b73ee653d92369e2bbb3b8b6a53c37140fbc9b30b93b4195b262aaf73f0c9c82
SHA512

db84ee9189a12ac029c902565d5717a3b129cbd3fea7883e1887d65882e81a5c3a35f822f6883bcf620be1d6b7001eef331e44fafdff0d08d78dd523b72ffcd2
SSDEEP

3072:vBnX7z/UlaTY0dgn6SXyMEWjAY6awCag8kix2jXCuCCrtoqADW9cd:vBn3Thdgn3LEWjvHtrC3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
440a8d57512b3d4e953e2ec5b3d46e97_JaffaCakes118

Files

440a8d57512b3d4e953e2ec5b3d46e97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4cb2d3b9ea93035083b424d13dc2a9d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
GetTimeFormatA
WriteConsoleW
GlobalSize
GetDriveTypeA
ResumeThread
HeapFree
GetModuleFileNameA
GetCommandLineW
FileTimeToSystemTime
GlobalFree
FindFirstFileW
CreateEventW
TlsFree
QueryPerformanceCounter
GetACP
TlsGetValue
FileTimeToLocalFileTime
VirtualAlloc
GetProcAddress
LoadLibraryA
VirtualProtect
GetLocaleInfoA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
SetStdHandle
SetFilePointer
ReadFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
VirtualQuery
InterlockedExchange
RtlUnwind
IsBadWritePtr
HeapReAlloc
GetCPInfo
GetOEMCP
HeapAlloc
CreateFileA
CloseHandle
VirtualFree
GetSystemInfo
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate

user32

SetWindowPos
OpenClipboard
DestroyAcceleratorTable
GetMenuStringW
EndDialog
CallNextHookEx
FillRect

comdlg32

GetFileTitleW
PrintDlgW
GetOpenFileNameW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameA
ReplaceTextA
FindTextA
ChooseColorW
ReplaceTextW
PageSetupDlgW
FindTextW
ChooseFontW
GetFileTitleA
PrintDlgA
ChooseFontA
PageSetupDlgA

oleaut32

VarUI8FromDisp

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cb2d3b9ea93035083b424d13dc2a9d0

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

oleaut32

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 128KB - Virtual size: 348KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 128KB - Virtual size: 348KB

.rsrc
Size: 4KB - Virtual size: 4KB