105d2d79a9d2047a2ae787a81cb5165a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

105d2d79a9d2047a2ae787a81cb5165a_JaffaCakes118
Size

581KB
MD5

105d2d79a9d2047a2ae787a81cb5165a
SHA1

83d167584d1aa12fd06de7fbf96f7b6a66ab3fa2
SHA256

89df5aeaae23b49685a6b3546d582526488dad4b541bf9a00b756f320295ff39
SHA512

ddc11f5d6c5b17238db8ebeb355e3d564a36ff68ae093d4f1e8d66363ce92c96b255e0ed32235fd6d18c4e57e8a8e78b52961dc7d506d1f9ae45267e8edb42bf
SSDEEP

12288:Rm84xLLBO6b+Z46gFTI3u4InRcF1I7ylFWUIv7h3/3Tszs6:s8wLLo6bigFT2dInRcF1ayTI9Tis

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
105d2d79a9d2047a2ae787a81cb5165a_JaffaCakes118

Files

105d2d79a9d2047a2ae787a81cb5165a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

091c4e8f019fdcc412a343f1801574bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
swprintf
wcscmp
wcsncmp
_CIpow
fopen
_setjmp3
fclose
wcscpy
wcslen
strlen
strcpy
toupper
strstr
localtime
mktime
wcsncpy
memmove
gmtime
_snprintf
abort
memcpy
_iob
fprintf
longjmp
malloc
free
fwrite
fflush
isdigit
isspace
atoi
isxdigit
realloc
isalnum
tolower
strncmp

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
VirtualAlloc
HeapFree
HeapAlloc
InitializeCriticalSection
GetProcAddress
FreeLibrary
LoadLibraryA
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
HeapReAlloc
ResetEvent
SetEvent
TlsGetValue
TlsSetValue
GetCurrentProcess
GetCurrentThread
DuplicateHandle
WaitForSingleObject
TlsAlloc
CreateEventA
CreateThread
GetCurrentThreadId
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
AreFileApisANSI
CloseHandle
Sleep
SetFilePointer
GetLastError
ReadFile
WriteFile
SetEndOfFile
FlushFileBuffers
GetFileSize
UnlockFile
LockFile
CreateFileW
CreateFileA
DeleteFileW
GetFileAttributesW
DeleteFileA
GetFileAttributesA
LoadLibraryW
FormatMessageA
GetSystemTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
DeleteCriticalSection
InterlockedIncrement
LockFileEx
GetTempPathW
GetTempPathA
GetFullPathNameW
GetFullPathNameA

user32

GetWindow
SetActiveWindow
RemovePropW
SendMessageW
DestroyWindow
UnregisterClassW
DestroyAcceleratorTable
LoadIconW
LoadCursorW
RegisterClassW
AdjustWindowRect
GetSystemMetrics
GetActiveWindow
GetWindowRect
CreateWindowExW
SetPropW
ShowWindow
CreateAcceleratorTableW
SetCursorPos
LoadImageW
SetCursor
GetWindowLongW
GetParent
MapWindowPoints
MoveWindow
SystemParametersInfoW
GetKeyState
SetCapture
PostMessageW
GetCursorPos
ReleaseCapture
GetPropW
GetClientRect
FillRect
EnumChildWindows
DefFrameProcW
DefWindowProcW
IsWindowEnabled
IsWindowVisible
SetFocus
GetFocus
IsChild
GetClassNameW

gdi32

DeleteObject
GetStockObject

comctl32

InitCommonControlsEx

ole32

RevokeDragDrop

ntdll

LdrEnumResources

Sections

.code
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

091c4e8f019fdcc412a343f1801574bf

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comctl32

ole32

ntdll

Sections

.code Size: 116KB - Virtual size: 115KB

.text Size: 362KB - Virtual size: 362KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 4KB - Virtual size: 22KB

.rsrc Size: 50KB - Virtual size: 49KB

.flat Size: 512B - Virtual size: 34B

.code
Size: 116KB - Virtual size: 115KB

.text
Size: 362KB - Virtual size: 362KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 4KB - Virtual size: 22KB

.rsrc
Size: 50KB - Virtual size: 49KB

.flat
Size: 512B - Virtual size: 34B