1fe358a195a9fff69d9ce6be02946221_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1fe358a195a9fff69d9ce6be02946221_JaffaCakes118
Size

215KB
MD5

1fe358a195a9fff69d9ce6be02946221
SHA1

1b6492536f2305f656f1874ecf35624684f8123e
SHA256

55d5cd70b9a2a7759e29a5586bf6b5460c8dca4c277afc650f0200b78b16008c
SHA512

746d7c9bc324fbeb24d37aa2d90a752ee0b1bc6d038be91c8b78828d7627dce8c25941aaba56c6caf832e8aee9e330843dbb4a0f165bf44d891b6b2226d00cc1
SSDEEP

3072:pr5FHFonsZ5pX4Qgoiged765f/9scK2FarcQVrClxnpqyj8Irl+P9Uvx4FpHjOzB:lGMpXLTiged+Z/9tarcnpfqMLh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1fe358a195a9fff69d9ce6be02946221_JaffaCakes118

Files

1fe358a195a9fff69d9ce6be02946221_JaffaCakes118
.exe windows:5 windows x86 arch:x86

11ea83e996050babbc878069c9116d47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetCurrentProcess
CreateMutexA
GetCurrentDirectoryA
GetStartupInfoW
InterlockedIncrement
InterlockedDecrement
QueryPerformanceCounter
CompareFileTime
CreateEventA
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleA
GetCurrentThread
VirtualAlloc
GetStdHandle
GetStartupInfoA
ReadFile
LoadLibraryW
HeapAlloc
WideCharToMultiByte
InterlockedExchange
LocalFree
FindClose
DeleteCriticalSection
MultiByteToWideChar
SetEndOfFile
LoadLibraryA
EnterCriticalSection
WaitForSingleObject
CreateFileA
lstrlenW
SetFilePointer
LeaveCriticalSection
LoadResource
FreeLibraryAndExitThread
WriteFile
TlsFree
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
RtlUnwind
GetCommandLineA
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
GetLastError
SetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
GetProcessHeap
GetFileType
GetModuleFileNameA
GetModuleFileNameW
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetTickCount
GetModuleHandleW
CreateSemaphoreW
FatalAppExitA
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RaiseException
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryExW
OutputDebugStringW
HeapReAlloc
GetStringTypeW
HeapSize
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
CreateFileW

user32

GetSystemMetrics
SetWindowPos

shlwapi

StrCmpNW

ole32

OleGetClipboard

msi

ord91

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11ea83e996050babbc878069c9116d47

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

ole32

msi

Sections

.text Size: 200KB - Virtual size: 200KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 200KB - Virtual size: 200KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 7KB - Virtual size: 7KB