f98af1772d30c0e4372a1cfb4ed93778_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f98af1772d30c0e4372a1cfb4ed93778_JaffaCakes118
Size

516KB
MD5

f98af1772d30c0e4372a1cfb4ed93778
SHA1

aa90771f4112a5cc6523e5410a944b9e6d285563
SHA256

7bb3b06b85a339345e18ede3d56306b7261df7d7b2cb92fecf64782c381c2f94
SHA512

89d6004d71f7abf2314575f23fbda3d1f117c410ec778dc5d28b79fe334972265fc0ab2cf0f85561ec3a1179463aa9a846395f905a19775772cb3f85cfa4d5af
SSDEEP

12288:ZZOK9XOntmXjwDaaM+RIWk/zyD1kJoW3iYcBx:Z/9XOtmXjEEWk/zy5L+js

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f98af1772d30c0e4372a1cfb4ed93778_JaffaCakes118

Files

f98af1772d30c0e4372a1cfb4ed93778_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2735f0337ed9e84cc182fa635342f1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
ExitProcess
GetSystemTime
TlsFree
IsBadWritePtr
WideCharToMultiByte
QueryPerformanceCounter
GetStringTypeW
TlsAlloc
SetStdHandle
GetCommandLineA
LeaveCriticalSection
FormatMessageA
GetSystemTimeAsFileTime
GetStartupInfoA
GetACP
GlobalFlags
CreateMutexA
SetLastError
InterlockedIncrement
GetTickCount
GetCurrentProcessId
VirtualAlloc
SetFilePointer
LCMapStringW
IsValidCodePage
GetLocalTime
CloseHandle
HeapCreate
RtlUnwind
DeleteCriticalSection
IsDebuggerPresent
FreeEnvironmentStringsA
HeapDestroy
GetTempPathW
FlushFileBuffers
GetProcAddress
LocalFileTimeToFileTime
TlsGetValue
EnterCriticalSection
ReadFile
GetFileType
GetStdHandle
SetEnvironmentVariableA
GetVersion
GetModuleFileNameA
GetCurrentThreadId
OpenMutexA
FindFirstFileExW
GetCurrentProcess
TerminateProcess
TlsSetValue
InterlockedExchange
CompareStringW
WriteConsoleOutputW
FreeEnvironmentStringsW
CompareStringA
LCMapStringA
GetLastError
VirtualQuery
GetStringTypeA
GetTimeZoneInformation
GetCurrentThread
InitializeCriticalSection
LoadLibraryA
ExitThread
DeleteFileW
GetCPInfo
WriteFile
VirtualFree
HeapFree
FileTimeToSystemTime
GetEnvironmentStringsW
InterlockedDecrement
GetOEMCP
GetEnvironmentStrings
UnhandledExceptionFilter
SetHandleCount
GetModuleHandleA
HeapAlloc
lstrlenW
CreateMailslotW
HeapReAlloc

gdi32

AddFontResourceA
GetGlyphOutlineW
PaintRgn
CancelDC
GdiPlayJournal
GetTextFaceA
CombineRgn
PolyPolygon
SetGraphicsMode
SetBoundsRect
GdiFlush
RectInRegion

wininet

InternetGetCertByURL
InternetSetDialStateA
FindNextUrlCacheContainerA

comctl32

InitCommonControlsEx

comdlg32

FindTextW
GetSaveFileNameW
ChooseFontA
ChooseColorA

user32

DialogBoxParamW
EnumDesktopWindows
DragDetect
RegisterClassExA
SystemParametersInfoW
LoadCursorFromFileA
CopyRect
RegisterClassA
VkKeyScanW
EndDeferWindowPos
GetMessageExtraInfo

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2735f0337ed9e84cc182fa635342f1f

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

comctl32

comdlg32

user32

Sections

.text Size: 192KB - Virtual size: 192KB

.rdata Size: 4KB - Virtual size: 13KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 4KB - Virtual size: 13KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 3KB - Virtual size: 2KB