e88bff26818fa69296d60c4b68ce0b6b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e88bff26818fa69296d60c4b68ce0b6b_JaffaCakes118
Size

490KB
MD5

e88bff26818fa69296d60c4b68ce0b6b
SHA1

89fe3f4b19b1c78e208949e182cfb83013fcd845
SHA256

179510985d4b00dd6380247e5f6fd140abc996f8b56550c70993465b73492cb9
SHA512

3936c0c0e8c1c3d5a446ee158aa78ce4f232a3c41dc74c2b3b6a43160d982cab5b2e5ee3cffd2f660efc94b177ed98af7ac5980652b823be3dcb85715f9f7801
SSDEEP

12288:Yc2boNNb6/treV3oR996God1VRiM4wgMbiK4o5G:J2Kb6/Pu1VRiML3iK4s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e88bff26818fa69296d60c4b68ce0b6b_JaffaCakes118

Files

e88bff26818fa69296d60c4b68ce0b6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8241e5050daa52c1f673437034e29674

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursorInfo
IsCharLowerW
MsgWaitForMultipleObjects
GetDlgItem
GetKeyboardLayoutNameA
UnregisterClassW
GetTopWindow
DispatchMessageA
SetTimer
SetFocus
CreateMDIWindowA
RegisterClassA
RegisterClassExA
DrawTextW
DdeAccessData
GetClassLongA
IsChild
SetDoubleClickTime
SetProcessWindowStation
SetParent
GetDesktopWindow
RealGetWindowClass

kernel32

InterlockedIncrement
SetLastError
GetLastError
UnhandledExceptionFilter
LCMapStringW
WriteConsoleW
HeapFree
GetEnvironmentStringsW
GetProcAddress
GetProcessHeap
GetConsoleCP
SetHandleCount
GetCPInfo
GetModuleFileNameW
GetModuleFileNameA
GetNumberFormatA
HeapCreate
GetEnvironmentStringsA
GetLocaleInfoW
IsDebuggerPresent
CreateMutexA
CloseHandle
TerminateProcess
LCMapStringA
HeapDestroy
GetConsoleMode
SetUnhandledExceptionFilter
CreateNamedPipeW
InitializeCriticalSection
OpenMutexA
ReadFile
DeleteCriticalSection
LeaveCriticalSection
GetVersionExA
SetEnvironmentVariableA
VirtualFree
FreeEnvironmentStringsW
IsValidCodePage
HeapSize
HeapReAlloc
GetDateFormatA
FreeEnvironmentStringsA
EnterCriticalSection
GetUserDefaultLCID
VirtualAlloc
TlsFree
GetACP
GetCurrentProcess
GetCommandLineA
LoadLibraryA
ExitProcess
InterlockedExchange
GetEnvironmentStrings
CompareStringA
WideCharToMultiByte
LocalLock
GetCurrentThread
WriteFile
GetCurrentProcessId
GetFileType
InterlockedDecrement
TlsSetValue
GetCurrentThreadId
CompareStringW
SetStdHandle
GetStartupInfoA
FlushFileBuffers
SetFilePointer
TlsAlloc
VirtualQuery
QueryPerformanceCounter
Sleep
GetStringTypeA
TlsGetValue
GetTimeFormatA
FreeLibrary
SetConsoleCtrlHandler
GetOEMCP
GetCommandLineW
GetStartupInfoW
GetModuleHandleA
MultiByteToWideChar
WriteConsoleA
RtlUnwind
GetSystemTimeAsFileTime
GetStdHandle
CreateDirectoryExA
IsValidLocale
HeapAlloc
GetTickCount
GetTimeZoneInformation
GetStringTypeW
GetConsoleOutputCP
EnumSystemLocalesA
CreateFileA
GetLocaleInfoA

comctl32

InitCommonControlsEx

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8241e5050daa52c1f673437034e29674

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 9KB - Virtual size: 16KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 9KB - Virtual size: 16KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 13KB - Virtual size: 12KB