07af7fd359f77d5ad404259509b20416_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

07af7fd359f77d5ad404259509b20416_JaffaCakes118
Size

976KB
MD5

07af7fd359f77d5ad404259509b20416
SHA1

74b61709ac8b297a84e83adf8e61f4670629ff20
SHA256

404a7128b7fac60b86ea97b2b4a7338e49e716a81353be3cae9a31a46e473762
SHA512

e689fc976c0b64a8208dff66d9678ad50df16fb633a4e5670122f54b302fa90d2ea6929b3881c0a479fe225dc09434be620552d6d9a47fc12b8df685a7495687
SSDEEP

24576:JMtQBn/I1o060qQgiWl5Erzz8Na2oipNOaYzIyM9dOhcuNyfLkxN:JMtQBnw6060TnWl5EqJXgaYLg8NCy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07af7fd359f77d5ad404259509b20416_JaffaCakes118

Files

07af7fd359f77d5ad404259509b20416_JaffaCakes118
.exe windows:5 windows x86 arch:x86

780b125fb20af4095440dabc436c6a9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalUnlock
LocalFree
VirtualAlloc
HeapDestroy
HeapAlloc
HeapFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThreadId
GetLastError
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
LoadResource
SetEndOfFile
CloseHandle
GetSystemTime
GetSystemTimeAsFileTime
GlobalAlloc
GetSystemInfo
lstrcmpW
lstrcmpiW
TlsSetValue
TlsFree
CreateMutexW
CreateEventW
GetModuleHandleW
FindResourceW
GetFullPathNameW
GetFileAttributesW
GetVersionExW
IsValidCodePage
GetACP
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
LCMapStringW
GetLocaleInfoW
GetUserDefaultLCID
GetVersion
GetProcAddress
GetLocalTime
RtlUnwind
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
CreateFileW
FlushFileBuffers
HeapSize
GetStringTypeW
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
LeaveCriticalSection
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
OutputDebugStringW
HeapReAlloc

comdlg32

GetFileTitleW
GetSaveFileNameW
ChooseFontW

psapi

EnumDeviceDrivers
GetDeviceDriverFileNameW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellAboutW
DragFinish
DragQueryFileW
SHGetDesktopFolder
Shell_NotifyIconW
SHCreateDirectoryExW
CommandLineToArgvW

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 749KB - Virtual size: 749KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

780b125fb20af4095440dabc436c6a9f

Headers

File Characteristics

Imports

kernel32

comdlg32

psapi

shell32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 749KB - Virtual size: 749KB

.data Size: 12KB - Virtual size: 7.3MB

.rsrc Size: 142KB - Virtual size: 141KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 749KB - Virtual size: 749KB

.data
Size: 12KB - Virtual size: 7.3MB

.rsrc
Size: 142KB - Virtual size: 141KB