f53a59e5c9847a74b1139116d377cbe3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f53a59e5c9847a74b1139116d377cbe3_JaffaCakes118
Size

247KB
MD5

f53a59e5c9847a74b1139116d377cbe3
SHA1

6017e7775846f8d577493d53c26a69b57935ec80
SHA256

e7296cd6b74b15b0bf5e2a1dd6bad9abbc653775a5a402cbd46107d3dd165dcf
SHA512

3613439f6a5f79799374cead61266cfd495619e4ac27999da2338d423c3ce853a1c7114b5d017cfc76e1a3dbdd4df040d5f9156d2455cc53a1a4d05843c17c07
SSDEEP

6144:v2B5risW7LUZ1CwZkC7rv/bLDU7KzMGX+aACsikXGx+Pth:e5risW7QZ1C6kC7rv/HDU/iHj+P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f53a59e5c9847a74b1139116d377cbe3_JaffaCakes118

Files

f53a59e5c9847a74b1139116d377cbe3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccea9fa634dc58786022b44f2c5bdb3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetCommandLineW
SetUnhandledExceptionFilter
FreeLibrary
RtlUnwind
InterlockedIncrement
FreeEnvironmentStringsW
GetCurrentProcess
HeapCreate
VirtualAlloc
TlsFree
SetHandleCount
HeapReAlloc
GetStringTypeW
OpenFileMappingA
GetStringTypeA
GetLocaleInfoA
TlsAlloc
GetModuleFileNameA
GetModuleFileNameW
InterlockedDecrement
ExitProcess
GetStartupInfoA
InitializeCriticalSectionAndSpinCount
IsValidLocale
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
HeapDestroy
GetLastError
LeaveCriticalSection
QueryPerformanceCounter
OpenFile
VirtualFree
DeleteCriticalSection
UnhandledExceptionFilter
GetCurrentThreadId
GetFileType
HeapAlloc
GetTimeZoneInformation
HeapFree
GetCurrentThread
TlsGetValue
GetCurrentProcessId
EnumSystemLocalesA
IsDebuggerPresent
HeapSize
WriteFile
LCMapStringW
GetEnvironmentStringsW
GetStartupInfoW
IsValidCodePage
GetLocaleInfoW
SetEnvironmentVariableA
WideCharToMultiByte
GetPrivateProfileSectionNamesW
GetACP
GetModuleHandleA
MoveFileA
GetOEMCP
EnterCriticalSection
GetThreadPriorityBoost
TlsSetValue
CompareStringW
CompareStringA
GetDateFormatA
LCMapStringA
GetProcAddress
GetStdHandle
GetTimeFormatA
GetCPInfo
SetLastError
InterlockedExchange
MultiByteToWideChar
TerminateProcess
GetUserDefaultLCID
VirtualQuery
SetConsoleCtrlHandler
Sleep
CreateFileMappingW

user32

CreateDialogParamA
LoadCursorA
LookupIconIdFromDirectoryEx
GetMessageTime
GetMenuItemID
GetShellWindow
IsDialogMessageW
EndDeferWindowPos
TranslateMessage
RegisterDeviceNotificationW
BeginPaint
ValidateRgn
IsChild
DdeCmpStringHandles
DestroyCaret
DefDlgProcA
LoadCursorFromFileW

gdi32

CreateRectRgnIndirect
CreatePolygonRgn
GetGlyphOutlineW
CreateBrushIndirect
ScaleWindowExtEx
GetLayout
LPtoDP
GetPath
GetMetaFileA
StrokeAndFillPath
ExtEscape
GetTextFaceA
Arc
PlayEnhMetaFile
UpdateColors
SetBoundsRect
EndPage
GetFontLanguageInfo
CopyEnhMetaFileW
EnumObjects
GetWindowOrgEx
GetViewportOrgEx

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccea9fa634dc58786022b44f2c5bdb3b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 126KB - Virtual size: 126KB

.data Size: 112KB - Virtual size: 139KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 126KB - Virtual size: 126KB

.data
Size: 112KB - Virtual size: 139KB

.rsrc
Size: 7KB - Virtual size: 7KB