f5893f95b755604b26d1aa7f2bc07567_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5893f95b755604b26d1aa7f2bc07567_JaffaCakes118
Size

457KB
MD5

f5893f95b755604b26d1aa7f2bc07567
SHA1

8f4642de1338cc74a5258eb338de5571d771ef8a
SHA256

d10a9022cbb58cb18dca4157335dc68d6bdeab1ee563e34593b23bdd91618b1b
SHA512

ff6f46b74e6b86fe0817ebc811a1ba9587ecbd98197a00e794fbf565e2cb7126f8a0a7370e1cbfd233178497f8faf20c6ca0bf7df629ddcd5816c57d90509c8b
SSDEEP

6144:YbWx8yp7hdA6P/HwvZcZ1uo2UN0g954xvfPHkcgb/vhbbug6EA/Hy1VIVGK:Y6q+7jIiuovNl9sPHgH1bug6ECS1V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5893f95b755604b26d1aa7f2bc07567_JaffaCakes118

Files

f5893f95b755604b26d1aa7f2bc07567_JaffaCakes118
.exe windows:4 windows x86 arch:x86

adfae09bccd78212e961857f684fd8de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyCaret
MenuItemFromPoint
ToUnicodeEx
RegisterClassExA
SetLastErrorEx
GetUserObjectSecurity
DrawCaption
ArrangeIconicWindows
GetWindowInfo
DragObject
CharUpperW
RegisterClassA
CreateAcceleratorTableW
GetWindowTextLengthW
SendDlgItemMessageA
FreeDDElParam

comctl32

InitCommonControlsEx

kernel32

GetVersion
TlsFree
LeaveCriticalSection
InterlockedDecrement
GetFileType
LoadModule
OpenMutexA
GetTimeZoneInformation
WaitForSingleObjectEx
GetModuleFileNameW
GetProcAddress
GetSystemTime
GetCurrentThread
UnhandledExceptionFilter
GetLastError
ReadFile
LCMapStringW
GetEnvironmentStringsW
CompareStringA
LoadLibraryA
FreeEnvironmentStringsA
FreeResource
AddAtomA
IsBadWritePtr
HeapCreate
VirtualAlloc
GetConsoleCursorInfo
GetTickCount
GetStdHandle
WriteFile
ExitProcess
TlsSetValue
GetStartupInfoA
FlushFileBuffers
GetEnvironmentStrings
CompareStringW
GetCurrentProcessId
RtlUnwind
InterlockedIncrement
QueryPerformanceCounter
HeapFree
GetStartupInfoW
VirtualQuery
GetNamedPipeHandleStateW
SetLastError
InterlockedExchange
GetCommandLineW
GetStringTypeA
WideCharToMultiByte
GetCPInfo
EnterCriticalSection
SetHandleCount
GetModuleHandleA
CreateMutexA
HeapReAlloc
TerminateProcess
GetConsoleTitleW
CloseHandle
GetCurrentProcess
HeapDestroy
ReadConsoleW
VirtualFree
HeapAlloc
TlsAlloc
TlsGetValue
GetCurrentThreadId
FreeEnvironmentStringsW
DeleteCriticalSection
GetStringTypeW
GetModuleFileNameA
SetFilePointer
InitializeCriticalSection
SetEnvironmentVariableA
GetLocalTime
SetStdHandle
MultiByteToWideChar
LCMapStringA
GetCommandLineA
GetSystemTimeAsFileTime
VirtualQueryEx

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adfae09bccd78212e961857f684fd8de

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 133KB - Virtual size: 133KB

.rdata Size: 4KB - Virtual size: 10KB

.data Size: 310KB - Virtual size: 310KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 133KB - Virtual size: 133KB

.rdata
Size: 4KB - Virtual size: 10KB

.data
Size: 310KB - Virtual size: 310KB

.rsrc
Size: 8KB - Virtual size: 8KB