JaffaCakes118_77503c891fec014651eb783d30a111f0

General

Target

JaffaCakes118_77503c891fec014651eb783d30a111f0
Size

64KB
MD5

77503c891fec014651eb783d30a111f0
SHA1

76f5d5d7f35d6db4f39765c52c31ecd98eda5223
SHA256

11ab6bda2e9c86e6c65853b689c92c90b93c50b3c7f2849943df379d31714041
SHA512

0dd54083b3031e52e762f0b7b284f96847e7b7559ccd039a185cfa1af4448ee254e9aff5be418ae2c6dc6adf74995d81462c70cce511be20264da486cb7e1de3
SSDEEP

1536:8N2DNkl91Imw+EvoRKcWFCED0L61d57ZjU2h4GJ:QKmix+EvAKTRDZd5R8A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WU_changes_ID_56508578723485690902345926345796290236767936592352345-345324523452436546756845432567667678476-4356657867864574357568458674-786775645673657.pdf.exe

Files

JaffaCakes118_77503c891fec014651eb783d30a111f0
.zip
WU_changes_ID_56508578723485690902345926345796290236767936592352345-345324523452436546756845432567667678476-4356657867864574357568458674-786775645673657.pdf.exe
.exe windows:4 windows x86 arch:x86

ba2cbb5069685fa656006a938cab47a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\google\src\_tiger4_v3_2.pdb

Imports

kernel32

LockFile
SetStdHandle
GetLocaleInfoW
FlushFileBuffers
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
VirtualQuery
RtlUnwind
HeapReAlloc
GetOEMCP
GetACP
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
Sleep
GetCPInfo
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
WriteFile
MultiByteToWideChar
GetLastError
GetModuleHandleA
GetProcAddress
ExitProcess
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LocalAlloc
FormatMessageA
LocalFree
GetDiskFreeSpaceA
lstrcatA
lstrcmpW

msvcrt

puts

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba2cbb5069685fa656006a938cab47a7

Headers

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

Sections

.text Size: 80KB - Virtual size: 78KB

.data Size: 4KB - Virtual size: 321KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 80KB - Virtual size: 78KB

.data
Size: 4KB - Virtual size: 321KB

.rsrc
Size: 12KB - Virtual size: 11KB