f15dd1c7679af6274179c0dbf9cbe262_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f15dd1c7679af6274179c0dbf9cbe262_JaffaCakes118
Size

369KB
MD5

f15dd1c7679af6274179c0dbf9cbe262
SHA1

e97cc0ef4b806e8288b00a56575d3875eb057e43
SHA256

04b2edcb587c531b45bb77bc1d6e4c9cc98a978995a6c2511f466fe0743d577c
SHA512

302363cc041806fa311c169002751f085f31c46c4aceb7524c702b79546e09c0cd4dc5c82b0014713d3c13b7212d8dc3e48a9fccc7da658f665f5eddb47ddd29
SSDEEP

6144:7CcwNglAIPVY8LsAoOre2BHsoi3s8JL3eoBpuXcn5Kwz1d:7CcwNONjLS2O5NJLtBpusndz1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f15dd1c7679af6274179c0dbf9cbe262_JaffaCakes118

Files

f15dd1c7679af6274179c0dbf9cbe262_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40749f184b762ff75f4c0b96dee8338e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeQueryStringA
RegisterClassExA
SetLastErrorEx
InSendMessage
SendDlgItemMessageW
RegisterClassA
DdeUninitialize
OpenClipboard
ScrollDC
SetMenuItemBitmaps
SetPropA
LoadCursorA
DeferWindowPos
DestroyMenu

comctl32

InitCommonControlsEx
CreateUpDownControl
ImageList_AddMasked
ImageList_LoadImageW
CreateStatusWindow
DrawStatusTextA
DrawStatusText
ImageList_Duplicate
_TrackMouseEvent
ImageList_GetIconSize
GetEffectiveClientRect

kernel32

CreateFileA
WideCharToMultiByte
MultiByteToWideChar
SetFilePointer
FreeLibrary
SetEnvironmentVariableA
HeapSize
InterlockedDecrement
GetStringTypeA
GetOEMCP
GetUserDefaultLCID
InterlockedIncrement
FreeEnvironmentStringsW
TlsFree
VirtualQuery
HeapFree
UnhandledExceptionFilter
HeapReAlloc
SetUnhandledExceptionFilter
CompareStringW
GetCurrentThread
WriteConsoleA
HeapAlloc
GetConsoleMode
TlsAlloc
QueryPerformanceCounter
WriteConsoleW
SetStdHandle
ExitProcess
DeleteCriticalSection
GetConsoleOutputCP
ReadFile
SetLastError
GetModuleHandleA
GetTickCount
GetVersionExA
TerminateProcess
TlsSetValue
GetFileType
GetCurrentProcess
SetCurrentDirectoryA
IsValidLocale
SuspendThread
VirtualAlloc
GetProcAddress
CreateMutexA
GetCurrentProcessId
EnterCriticalSection
FreeEnvironmentStringsA
Sleep
GetSystemTimeAsFileTime
GetTimeZoneInformation
EnumSystemLocalesA
VirtualFree
GetCommandLineA
GetProcessHeap
CloseHandle
WriteFile
RtlUnwind
SetHandleCount
GetModuleFileNameA
InterlockedExchange
GetStartupInfoA
GetEnvironmentStrings
LCMapStringW
GetTimeFormatA
LoadLibraryA
GetCurrentThreadId
OpenMutexA
LeaveCriticalSection
GetLocaleInfoA
GetConsoleCP
HeapDestroy
SetConsoleCtrlHandler
TlsGetValue
IsValidCodePage
InitializeCriticalSection
LCMapStringA
GetCPInfo
IsDebuggerPresent
GetEnvironmentStringsW
FlushFileBuffers
GetStdHandle
GetStringTypeW
GetLastError
CompareStringA
GetNamedPipeHandleStateW
GetLocaleInfoW
SetThreadPriority
HeapCreate
GetDateFormatA
SetConsoleTitleA
GetACP

Sections

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40749f184b762ff75f4c0b96dee8338e

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 256KB - Virtual size: 256KB

.rdata Size: 12KB - Virtual size: 24KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 256KB - Virtual size: 256KB

.rdata
Size: 12KB - Virtual size: 24KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 8KB - Virtual size: 7KB