f7f6e4e57f4abd67da227a4930dbf9a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f7f6e4e57f4abd67da227a4930dbf9a4_JaffaCakes118
Size

502KB
MD5

f7f6e4e57f4abd67da227a4930dbf9a4
SHA1

dee2f34c152a3f05737b6b8e0c9327e63547bc06
SHA256

ec48cbcc6ba404302d80afea71d2240bcc255f82d1553edcfe8cdc3a306aff7e
SHA512

690e67fbbec1f45bab77bc10c407781ab33e47250fb8f938b62d085499387413e5e1938394f0bcde8860eddc61c3b256274bede729fcdfefd304786cd37eb37a
SSDEEP

12288:qarTcCRXtP97GJnnpHohX3OHzy70YMLolf7uEnYQPf8sWV+2:qarTcCJtP97G/iX+Ow0pYQMsn2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7f6e4e57f4abd67da227a4930dbf9a4_JaffaCakes118

Files

f7f6e4e57f4abd67da227a4930dbf9a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98d00f131dabd6951a223c3b5e3c9596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\taqstdhs\krufatjade\fjveelooj.PDB

Imports

comctl32

InitCommonControlsEx

user32

DdeConnect
GetFocus
ValidateRect
MessageBoxIndirectA
GetQueueStatus
EnumPropsExW
RegisterClassExA
SetScrollRange
ChangeClipboardChain
RegisterWindowMessageW
EnumDisplaySettingsW
MapVirtualKeyA
ToAscii
SetCapture
LoadKeyboardLayoutW
ChildWindowFromPoint
RegisterClassA
SetWindowContextHelpId
MsgWaitForMultipleObjects

kernel32

CompareStringA
TlsSetValue
GetCommandLineA
TlsGetValue
HeapDestroy
SetFilePointer
GetStringTypeA
SetLastError
GetTimeFormatA
RtlUnwind
GetCurrentThreadId
UnhandledExceptionFilter
GetFileAttributesExW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetCurrentProcessId
GetModuleFileNameA
GetOEMCP
FreeEnvironmentStringsA
CompareStringW
GetStartupInfoA
GetVersionExA
IsDebuggerPresent
FlushFileBuffers
GetConsoleOutputCP
FreeLibrary
SetEnvironmentVariableA
VirtualQuery
Sleep
ExitProcess
GetEnvironmentStringsW
ReadFile
SetHandleCount
GetTickCount
EnterCriticalSection
HeapCreate
GetStdHandle
GetCurrentThread
SetUnhandledExceptionFilter
WriteFile
GetCurrentProcess
InterlockedIncrement
GetLocaleInfoW
GetEnvironmentStrings
HeapSize
GetDateFormatA
VirtualAlloc
GetProcessHeap
InitializeCriticalSection
HeapReAlloc
SetConsoleCtrlHandler
LCMapStringW
FreeEnvironmentStringsW
SetStdHandle
GetUserDefaultLangID
GetCPInfo
HeapFree
GetLastError
TlsFree
InterlockedExchange
GetTimeZoneInformation
EnumSystemLocalesA
GetProcAddress
VirtualFree
LCMapStringA
LoadLibraryA
WriteConsoleA
IsValidCodePage
HeapAlloc
GetLocaleInfoA
GetModuleHandleA
WideCharToMultiByte
IsValidLocale
GetUserDefaultLCID
CreateMutexA
GetSystemTimeAsFileTime
GetFileType
GetProfileStringW
InterlockedDecrement
QueryPerformanceCounter
GetACP
WriteConsoleW
GetConsoleMode
MultiByteToWideChar
TerminateProcess
TlsAlloc
OpenMutexA
CreateFileA
GetStringTypeW
CloseHandle
LeaveCriticalSection

Sections

.text
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98d00f131dabd6951a223c3b5e3c9596

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 357KB - Virtual size: 357KB

.rdata Size: 27KB - Virtual size: 45KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 357KB - Virtual size: 357KB

.rdata
Size: 27KB - Virtual size: 45KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 13KB - Virtual size: 13KB