10257c4bd955c989e6a8f9c713726b72_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10257c4bd955c989e6a8f9c713726b72_JaffaCakes118
Size

565KB
MD5

10257c4bd955c989e6a8f9c713726b72
SHA1

d2493234d61fec0e2e468f53ac51b587b44bc28e
SHA256

4f08b93a23ce5949b1ff3890f5961a979e6018f8254ab8a7e23b878b43fa94a2
SHA512

c390b9e599c3225a8ad8d5eb8942703ebcc2f6db2462335821ec49958ae664b8a9fa30b022e50483f143bd3518ced82ab27648e6674aea801433ec4b3e1774a1
SSDEEP

12288:0PlIPLAIkm4p46qo324x3Is1G4byUNW5FvLx3/3TszrSw:0lIPkIkmwqWlx3Is1GKyBF9Tir

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10257c4bd955c989e6a8f9c713726b72_JaffaCakes118

Files

10257c4bd955c989e6a8f9c713726b72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

091c4e8f019fdcc412a343f1801574bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
swprintf
wcscmp
wcsncmp
_CIpow
fopen
_setjmp3
fclose
wcscpy
wcslen
strlen
strcpy
toupper
strstr
localtime
mktime
wcsncpy
memmove
gmtime
_snprintf
abort
memcpy
_iob
fprintf
longjmp
malloc
free
fwrite
fflush
isdigit
isspace
atoi
isxdigit
realloc
isalnum
tolower
strncmp

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
VirtualAlloc
HeapFree
HeapAlloc
InitializeCriticalSection
GetProcAddress
FreeLibrary
LoadLibraryA
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
HeapReAlloc
ResetEvent
SetEvent
TlsGetValue
TlsSetValue
GetCurrentProcess
GetCurrentThread
DuplicateHandle
WaitForSingleObject
TlsAlloc
CreateEventA
CreateThread
GetCurrentThreadId
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
AreFileApisANSI
CloseHandle
Sleep
SetFilePointer
GetLastError
ReadFile
WriteFile
SetEndOfFile
FlushFileBuffers
GetFileSize
UnlockFile
LockFile
CreateFileW
CreateFileA
DeleteFileW
GetFileAttributesW
DeleteFileA
GetFileAttributesA
LoadLibraryW
FormatMessageA
GetSystemTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
DeleteCriticalSection
InterlockedIncrement
LockFileEx
GetTempPathW
GetTempPathA
GetFullPathNameW
GetFullPathNameA

user32

GetWindow
SetActiveWindow
RemovePropW
SendMessageW
DestroyWindow
UnregisterClassW
DestroyAcceleratorTable
LoadIconW
LoadCursorW
RegisterClassW
AdjustWindowRect
GetSystemMetrics
GetActiveWindow
GetWindowRect
CreateWindowExW
SetPropW
ShowWindow
CreateAcceleratorTableW
SetCursorPos
LoadImageW
SetCursor
GetWindowLongW
GetParent
MapWindowPoints
MoveWindow
SystemParametersInfoW
GetKeyState
SetCapture
PostMessageW
GetCursorPos
ReleaseCapture
GetPropW
GetClientRect
FillRect
EnumChildWindows
DefFrameProcW
DefWindowProcW
IsWindowEnabled
IsWindowVisible
SetFocus
GetFocus
IsChild
GetClassNameW

gdi32

DeleteObject
GetStockObject

comctl32

InitCommonControlsEx

ole32

RevokeDragDrop

ntdll

LdrEnumResources

Sections

.code
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

091c4e8f019fdcc412a343f1801574bf

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comctl32

ole32

ntdll

Sections

.code Size: 116KB - Virtual size: 115KB

.text Size: 362KB - Virtual size: 362KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 4KB - Virtual size: 22KB

.rsrc Size: 34KB - Virtual size: 34KB

.flat Size: 512B - Virtual size: 34B

.code
Size: 116KB - Virtual size: 115KB

.text
Size: 362KB - Virtual size: 362KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 4KB - Virtual size: 22KB

.rsrc
Size: 34KB - Virtual size: 34KB

.flat
Size: 512B - Virtual size: 34B