ed01a4f3fd64700ff383fc4061eac15b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ed01a4f3fd64700ff383fc4061eac15b_JaffaCakes118
Size

546KB
MD5

ed01a4f3fd64700ff383fc4061eac15b
SHA1

2144e7098205ba5170594386f45690a6fef8f5ee
SHA256

08e80b077a7e178854743a85a5b60e28b578adcc2e182cff19776c8a174f981a
SHA512

01efcc4faa5760ed10c7256c180d23fdd7666b9b5cb859eb6f857d0bac7a502faf2726e8d80deedfe25ed310d69da0e1df6c041e22738e0dbbb79e33ba56885b
SSDEEP

12288:yMHfD+bgvivhAvjusXoOIAStIxZZ8jxnW8jBsc/i743yp:yMH72gaajusXovAcITGxnrmcayyp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed01a4f3fd64700ff383fc4061eac15b_JaffaCakes118

Files

ed01a4f3fd64700ff383fc4061eac15b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9111b4c99b06b60df3dbbbbfa8e353a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
FlushFileBuffers
ReadFile
LoadLibraryA
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetModuleHandleA
HeapFree
GetStartupInfoW
IsValidLocale
DeleteCriticalSection
GetModuleFileNameA
HeapReAlloc
HeapDestroy
FindAtomA
SetLastError
SetLocaleInfoA
InterlockedExchange
HeapSize
TlsAlloc
MoveFileExA
GetTickCount
EnumSystemLocalesA
GetCommandLineW
GetDiskFreeSpaceA
GetConsoleOutputCP
GetCurrentThreadId
GetLocaleInfoW
QueryPerformanceCounter
GetCurrentProcessId
VirtualQuery
WriteFile
TerminateProcess
TlsSetValue
WritePrivateProfileSectionA
ExitThread
VirtualFree
FreeEnvironmentStringsW
GetFileType
ExpandEnvironmentStringsW
UnhandledExceptionFilter
GetEnvironmentStringsW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
WriteConsoleA
InterlockedIncrement
CloseHandle
lstrcmpi
CompareStringW
GetPriorityClass
LCMapStringW
SetConsoleCtrlHandler
OpenMutexA
VirtualAlloc
WriteConsoleW
GetConsoleMode
GetTimeZoneInformation
CompareStringA
WideCharToMultiByte
TransactNamedPipe
GetProcAddress
GetLastError
HeapAlloc
TlsGetValue
IsValidCodePage
FreeLibrary
GetDateFormatA
GetLocaleInfoA
CreateMutexA
GetCurrentThread
ReadConsoleOutputCharacterW
HeapCreate
GetACP
MultiByteToWideChar
ExitProcess
WriteProfileStringA
SetEnvironmentVariableA
lstrcatA
FoldStringA
GetFileAttributesExW
GetConsoleCP
RtlZeroMemory
VirtualAllocEx
CreateFileA
SetStdHandle
GetStartupInfoA
SetHandleCount
GetStdHandle
InterlockedDecrement
IsDebuggerPresent
RtlUnwind
TlsFree
LCMapStringA
GetTimeFormatA
SetFilePointer
GetStringTypeW
GetCommandLineA
GetOEMCP
WriteConsoleOutputAttribute
PulseEvent
SetUnhandledExceptionFilter
GetCPInfo
GetModuleFileNameW
GetStringTypeA
GetUserDefaultLCID

user32

DeferWindowPos
IsDialogMessage
RegisterClassA
GetMessageA
DlgDirSelectExA
RegisterClassExA
GetWindowModuleFileNameA
TrackPopupMenuEx
ModifyMenuW
AdjustWindowRect
DdeQueryStringA

comctl32

InitCommonControlsEx

Sections

.text
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9111b4c99b06b60df3dbbbbfa8e353a

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 214KB - Virtual size: 213KB

.rdata Size: 9KB - Virtual size: 22KB

.data Size: 317KB - Virtual size: 317KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 214KB - Virtual size: 213KB

.rdata
Size: 9KB - Virtual size: 22KB

.data
Size: 317KB - Virtual size: 317KB

.rsrc
Size: 4KB - Virtual size: 4KB