7e6fdb559bd1571fb48ed13b9269a374_JaffaCakes118

General

Target

7e6fdb559bd1571fb48ed13b9269a374_JaffaCakes118
Size

216KB
MD5

7e6fdb559bd1571fb48ed13b9269a374
SHA1

c758ffa14208e0cd744ff781496687d4f82018f9
SHA256

59d78e4a6898356dc1426974145b120b893fe764655825ef6804fe39e81eb906
SHA512

e4b75b760e82a8661f9ba68cbb1a657cbee6ae1633f6addf0faec59ca93a7075bcc566424ed90d934f96c36732cd7f9cf3a76be67d92e95df15393c4410d8c46
SSDEEP

3072:6mrEyiFrQh4QvMH0CyrqRN0yFEKMWmHrnLiVTab1+p7TfnWrMdo3Ao+i5:OyArszvMH0vqH5MTxb1+ZTfWrsk5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7e6fdb559bd1571fb48ed13b9269a374_JaffaCakes118

Files

7e6fdb559bd1571fb48ed13b9269a374_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee8bf50a201cc89135b3f379f7c7d035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
VirtualAlloc
GetCurrentThread
GetVersionExA
GetProcAddress
LoadLibraryA
HeapFree
InterlockedDecrement
DeleteCriticalSection
CreateEventW
ExitProcess
TerminateProcess
FreeLibrary
GetOEMCP
InterlockedExchange
ResetEvent
CompareStringW
CompareStringA
GetTimeZoneInformation
GetLocaleInfoW
HeapSize
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
RtlUnwind
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
RaiseException
GetCurrentProcess
IsDebuggerPresent
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetCPInfo
GetACP
Sleep
SetConsoleCtrlHandler
InitializeCriticalSection
HeapReAlloc
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA

ole32

OleInitialize
CoGetClassObject
CLSIDFromString
CoCreateInstance
RevokeDragDrop
CoInitialize
OleSaveToStream
CoDisconnectObject

scarddlg

ord2

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ee8bf50a201cc89135b3f379f7c7d035

Headers

File Characteristics

Imports

kernel32

ole32

scarddlg

Sections

.text Size: 188KB - Virtual size: 187KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 9KB

.text
Size: 188KB - Virtual size: 187KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 9KB