e9353aced0690e2120955afb9e435e1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9353aced0690e2120955afb9e435e1a_JaffaCakes118
Size

71KB
MD5

e9353aced0690e2120955afb9e435e1a
SHA1

cc3d321944fcd48186bb644ef43ba009a72d5347
SHA256

5894d417c16cfe4079893fa293c9ddcbd3ca50cb1f154d890f4685e5ab346059
SHA512

da0a36aeafc5846ea0acd9bf63cf73115c6c5c1647387423b3ce7d6a9c45747ec7664805698287e61b7ca5538a37a55f98dbcc9806aa543c58c1be351ab9cc58
SSDEEP

1536:vmmNC69pRRDH6ULJuCm0rc5usmyUtxlNEXzAI:+mNCmP9H6V0rcALkR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9353aced0690e2120955afb9e435e1a_JaffaCakes118

Files

e9353aced0690e2120955afb9e435e1a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1abecb1bf6f5879635380155ce8af600

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
DeleteCriticalSection
InterlockedExchange
InterlockedCompareExchange
lstrlenA
GetModuleHandleW
HeapDestroy
InitializeCriticalSection
GetModuleHandleW
CreateFileW
lstrcmpiW
LeaveCriticalSection
CreateFileW
GetCurrentProcess
LoadLibraryW
CloseHandle
MultiByteToWideChar
LocalAlloc
GetCurrentProcess
lstrlenA
GetModuleHandleW
LeaveCriticalSection
CreateFileW
UnhandledExceptionFilter
GetCurrentProcess
CreateEventW
CreateEventW
GetCurrentProcess
GetVersionExA
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
InterlockedIncrement
InitializeCriticalSection
GetLastError
GetModuleHandleA
GetCurrentProcessId
FreeLibrary
GetSystemTimeAsFileTime
HeapDestroy
GetCurrentProcessId
GetProcessHeap
GetModuleHandleA
GetModuleHandleA
GetProcAddress
SetLastError
CloseHandle
lstrcmpiW
CreateEventW
GetProcAddress
CreateThread
ReadFile
LocalFree

user32

GetClientRect
SetWindowLongW
GetClientRect
EnableWindow
PeekMessageW
GetDlgItem
TranslateMessage
wsprintfA
TranslateMessage
SetTimer
GetWindowRect
SetWindowPos
DefWindowProcW
TranslateMessage
GetFocus
SendMessageW
ReleaseDC
EndDialog
GetWindowRect
BeginPaint
PostQuitMessage
ReleaseDC
LoadCursorW
CreateWindowExW
ShowWindow
ShowWindow
DialogBoxParamW
DestroyWindow
EndPaint
DialogBoxParamW
SetCursor
GetClientRect
SetForegroundWindow
GetClientRect
LoadCursorW
SetCursor
IsWindow
GetWindowLongW
EnableWindow
GetFocus
SetWindowTextW
IsWindow
MessageBoxW
GetDesktopWindow
GetSystemMetrics
DispatchMessageW
EndPaint
GetParent
wsprintfA
GetDesktopWindow
IsDlgButtonChecked
BeginPaint
MessageBoxW
wsprintfA
GetDesktopWindow
LoadIconW
EnableWindow
EndDialog

Sections

.text
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1abecb1bf6f5879635380155ce8af600

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 66KB - Virtual size: 68KB

.data Size: - Virtual size: 4KB

.idata Size: - Virtual size: 4KB

.idata Size: - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.pdata Size: - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 66KB - Virtual size: 68KB

.data
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 4KB

.idata
Size: - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.pdata
Size: - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB