f4e5f9fbc084a321dc65cea654534a17_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4e5f9fbc084a321dc65cea654534a17_JaffaCakes118
Size

427KB
MD5

f4e5f9fbc084a321dc65cea654534a17
SHA1

6aec9aed762ce544af7df53b0bd40858e47ed2a0
SHA256

2e1588cd8b7d9b5af256ade954e2a7994d455ba0782082acd97675187514d813
SHA512

81e191a1b174993ed99f4c74cb9c75fad8968bf343218ad20bda8038d552ead5dee0195e2f801b88f52033ebfc90247df42e004fd2687a686ec927d4721cbd19
SSDEEP

12288:1K42tZLxIqZgrXtaPHCp1Li3r0K2bT0N:s4MZRiEPHCp1L4r0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4e5f9fbc084a321dc65cea654534a17_JaffaCakes118

Files

f4e5f9fbc084a321dc65cea654534a17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74c86dc224eba6132cd8373d0af898c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
DeleteCriticalSection
SetConsoleCtrlHandler
GetSystemDefaultLCID
RtlUnwind
HeapCreate
GlobalGetAtomNameW
GetCurrentProcess
GetStartupInfoW
VirtualAlloc
SetLastError
LeaveCriticalSection
HeapReAlloc
GetModuleFileNameW
GetVersionExW
GetLocaleInfoA
GetACP
SetHandleCount
GetModuleFileNameA
GetCommandLineW
GetTimeZoneInformation
ExitProcess
GetEnvironmentStringsW
GetTimeFormatA
InterlockedDecrement
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetStdHandle
FreeLibrary
IsValidCodePage
QueryPerformanceCounter
WriteFile
TlsFree
WaitForSingleObject
TlsAlloc
VirtualFree
FreeEnvironmentStringsW
HeapAlloc
GetOEMCP
HeapFree
lstrcpy
SetUnhandledExceptionFilter
GetCurrentProcessId
GetLocaleInfoW
HeapSize
GetStringTypeA
TlsSetValue
IsDebuggerPresent
EnumSystemLocalesA
GetFileType
InitializeCriticalSectionAndSpinCount
GetCPInfo
LCMapStringW
TlsGetValue
GetUserDefaultLCID
CompareStringA
GetModuleHandleA
GetDiskFreeSpaceExW
GetDateFormatA
GetStringTypeExA
FindNextFileW
Sleep
HeapDestroy
GetCurrencyFormatA
EnterCriticalSection
InterlockedIncrement
GetProcAddress
GetLastError
GetModuleHandleW
CompareStringW
MultiByteToWideChar
InterlockedExchange
IsValidLocale
TerminateProcess
GetStartupInfoA
VirtualQuery
WideCharToMultiByte
UnhandledExceptionFilter
GlobalFindAtomW
SetEnvironmentVariableA
GetCurrentThreadId
LCMapStringA
GetStringTypeW

user32

SetCaretPos
ChildWindowFromPoint
DefFrameProcW
MessageBoxIndirectW
SetClipboardViewer

gdi32

GetRegionData
CreateICW
GdiGetBatchLimit
Polygon
StretchBlt
CreateHalftonePalette
SelectClipRgn
CloseEnhMetaFile
GetObjectW
GetEnhMetaFileDescriptionW
SetDIBColorTable
BitBlt
ArcTo
DPtoLP
SetPolyFillMode
RemoveFontResourceA
GdiPlayJournal
EnumFontsA
GetObjectType
SetBrushOrgEx
CopyMetaFileA
GetTextExtentPoint32A
CreateFontIndirectA
CreateMetaFileA
SetMapperFlags

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74c86dc224eba6132cd8373d0af898c7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 140KB - Virtual size: 139KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 140KB - Virtual size: 139KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 11KB - Virtual size: 10KB