f8cf723072449eb9af60b99c0485402a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f8cf723072449eb9af60b99c0485402a_JaffaCakes118
Size

502KB
MD5

f8cf723072449eb9af60b99c0485402a
SHA1

e0573aaee0d165135a67d3e4e2211e4a7af251fe
SHA256

03b8f7b2a43e607f41f6b9796191fbe9922e4756b8b4d99724932dc42d0b46c7
SHA512

a9754e329aa268c4ca9a1bb681367fc3b25a37f8c5c844701ae7ebdc1a37fdf8cf81323581aac53c475b055d91bc3e581a92eab289c875656d93e6d51fe0e137
SSDEEP

12288:9ll/qR9poN0ERBIwSctITzmcT1CTaZfISYpwEjsgqkZNmL:9ll/qR9CN3DZSuITzmcTXf0jIcNmL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8cf723072449eb9af60b99c0485402a_JaffaCakes118

Files

f8cf723072449eb9af60b99c0485402a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f253f06e30b56c15db2688b305b99cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowsHookExW
SetDeskWallpaper
ToUnicode
MapVirtualKeyA
MsgWaitForMultipleObjectsEx
BroadcastSystemMessageA
CallMsgFilterW
LoadImageW
RegisterClassExA
RegisterClassA
InvertRect
GetPropA
TrackMouseEvent
UnhookWindowsHook

comdlg32

LoadAlterBitmap

kernel32

CloseHandle
SetLastError
GetCurrentProcess
GetTimeZoneInformation
HeapAlloc
LCMapStringW
GetOEMCP
InterlockedDecrement
LocalFileTimeToFileTime
InterlockedExchange
GetModuleHandleA
GetTickCount
GetStdHandle
SetConsoleCursorPosition
GetVersion
TerminateProcess
TlsGetValue
GetSystemTime
GetCommandLineA
SetStdHandle
GetProfileIntW
InitializeCriticalSection
GetDiskFreeSpaceA
IsBadWritePtr
DeleteCriticalSection
CreatePipe
GetCPInfo
VirtualAlloc
SetHandleCount
CompareStringW
GetCurrentThread
CreateMutexA
GetStringTypeA
QueryPerformanceCounter
VirtualFree
MultiByteToWideChar
SetFilePointer
InterlockedIncrement
TlsAlloc
ExitProcess
SetConsoleScreenBufferSize
CompareStringA
FreeEnvironmentStringsW
SetEvent
UnhandledExceptionFilter
GetEnvironmentStringsW
HeapFree
TlsFree
ReadFile
HeapCreate
FillConsoleOutputCharacterA
lstrlenW
GetProcAddress
EnterCriticalSection
RtlUnwind
LoadLibraryA
GetCurrentThreadId
FreeEnvironmentStringsA
GetEnvironmentStrings
SetEnvironmentVariableA
ReadFileEx
HeapReAlloc
GetLocalTime
TlsSetValue
FlushFileBuffers
DeleteAtom
GetStringTypeW
WideCharToMultiByte
GetExitCodeThread
GetCompressedFileSizeW
VirtualQuery
GetModuleFileNameA
OpenMutexA
LoadLibraryExW
IsBadReadPtr
GetLastError
GetACP
WriteFile
LCMapStringA
HeapDestroy
GetSystemTimeAsFileTime
GetStartupInfoA
GetCurrentProcessId
GetFileType
LeaveCriticalSection

comctl32

InitCommonControlsEx

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f253f06e30b56c15db2688b305b99cc

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

comctl32

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 4KB - Virtual size: 8KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 4KB - Virtual size: 8KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 9KB - Virtual size: 8KB