38fb23fd096e3572e088768ea2963ec2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38fb23fd096e3572e088768ea2963ec2_JaffaCakes118
Size

1.1MB
MD5

38fb23fd096e3572e088768ea2963ec2
SHA1

c3917f4d668bff6b5456c46bfce29cddabf800c5
SHA256

0249c0bfdf9f74d2747242ba681e537600c229fd46843ce1e7f3886e0ac8e62e
SHA512

9c44b7096dd9ec21bddb9cca981a39f3763a53d8e313ba54011a6e33953d51b1c3efc3a4f5c0ad03abfce05b934b6f04a5dfc21c7625eb6b82fb05bd2ada38af
SSDEEP

12288:UGmw+aMex0TsvgYD68PEDofXPcp+HMrQ++5w+0R2Hsm19czpSG3mWlum+eF4NG4:fMeKID68sVQ7knoHsm1uQG/r+YsB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38fb23fd096e3572e088768ea2963ec2_JaffaCakes118

Files

38fb23fd096e3572e088768ea2963ec2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

87c626b9c365d329ed936cb98f6af699

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyIcon
CreateIcon
DestroyCursor
LoadBitmapW
GetClassNameW
EqualRect
IntersectRect
ClientToScreen
InvalidateRect
GetDCEx
GetMenuItemCount
SetMenu
GetKeyboardType
DestroyWindow
GetKeyboardLayoutList

kernel32

SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetProcAddress
GlobalFree
VirtualAlloc
WriteConsoleW
GetCurrentProcess
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetFileType
GetFileSize
SetEndOfFile
CloseHandle
CreateMutexW
CreateProcessW
FindResourceExW
DeleteFileW
QueryPerformanceCounter
MultiByteToWideChar
HeapDestroy
GetProcessHeap
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
CreateFileW
GetStdHandle
GetStartupInfoW
GetModuleFileNameW
WriteFile
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent

advapi32

OpenSCManagerW

psapi

GetProcessImageFileNameW
GetDeviceDriverFileNameW
EnumDeviceDrivers
GetMappedFileNameW
GetModuleFileNameExW

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 409KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gf7i
Size: 524KB - Virtual size: 527KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87c626b9c365d329ed936cb98f6af699

Headers

File Characteristics

Imports

user32

kernel32

advapi32

psapi

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 110KB - Virtual size: 109KB

.data Size: 409KB - Virtual size: 6.7MB

.gf7i Size: 524KB - Virtual size: 527KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 110KB - Virtual size: 109KB

.data
Size: 409KB - Virtual size: 6.7MB

.gf7i
Size: 524KB - Virtual size: 527KB