f1ad0d5822ccccdc36abe425260f2c36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f1ad0d5822ccccdc36abe425260f2c36_JaffaCakes118
Size

332KB
MD5

f1ad0d5822ccccdc36abe425260f2c36
SHA1

ecf276de93a336d26e423cb4c72d5fa07f1f3c36
SHA256

59778bd7437c93676d36ac68b55b86dbbf3a7f5168a940b743835f099b3c808d
SHA512

d04a7c4c3fe7e2b7edf119226f6a095af164511d30e545e9b9cf2bbd1417b3b1825b45e25f132458653840b71e21df4a1ac8e7922b4d79545a165585668d4a27
SSDEEP

6144:ESDlRrFSt0BA9iptt+NL7CdZRU26i9SdQCxhu+smEHGgpAAMVvwzkPxvhL7nBuSw:EuQx9iBkyhU2l9o/vOG0jMVYQVhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1ad0d5822ccccdc36abe425260f2c36_JaffaCakes118

Files

f1ad0d5822ccccdc36abe425260f2c36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

949b86a7cb8ff504dea64c5dfe79f28d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
GetConsoleHardwareState
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetExitCodeProcess
FindFirstFileW
CopyFileW
FindNextFileW
SetFileAttributesW
MoveFileW
FindClose
SetLastError
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW
CreateThread
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
ResetEvent
SetEvent
GetFileAttributesExW
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
CloseHandle
WaitForSingleObject
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime
TerminateProcess
DeleteFileW
RemoveDirectoryW
SetEnvironmentVariableW
DisableThreadLibraryCalls
DebugBreak
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
OpenEventW
CreateSemaphoreW
ReleaseSemaphore
GetSystemDirectoryW
GetModuleHandleW
GetModuleFileNameW
CreateFileW
GetLocalTime
CreateDirectoryW
CreateTimerQueueTimer
ChangeTimerQueueTimer
DuplicateHandle
GetFileAttributesW
ExpandEnvironmentStringsW
GetCurrentThread
CreateProcessW
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
TlsAlloc
TlsGetValue
TlsFree
TlsSetValue
HeapCreate
HeapSize
HeapValidate
HeapReAlloc
HeapDestroy
SwitchToThread
DeleteTimerQueueTimer
TryEnterCriticalSection
InitializeCriticalSection
LocalFileTimeToFileTime
SystemTimeToFileTime
CompareFileTime

oleaut32

DispInvoke
CreateErrorInfo
OleSavePictureFile
SafeArrayAllocDescriptorEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 214KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

949b86a7cb8ff504dea64c5dfe79f28d

Headers

File Characteristics

Imports

kernel32

oleaut32

msimg32

Sections

.text Size: 214KB - Virtual size: 261KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 114KB - Virtual size: 113KB

.text
Size: 214KB - Virtual size: 261KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 114KB - Virtual size: 113KB