411180e46b902ecd3b5898033e652c88_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

411180e46b902ecd3b5898033e652c88_JaffaCakes118
Size

3.2MB
MD5

411180e46b902ecd3b5898033e652c88
SHA1

6a525ae02add87bf2b0fc4ec44b706829fc431a7
SHA256

1b683abfc4e212d187e0e38b2e49c92316848a32875a7fd390c5fe61757802e9
SHA512

24e8683374aacbd9027c7e8adc289f87dae9712fc199a9965606e829a9283df3a264029a3dfe7b46c159b90f0b7195d285d5b5e3626c33a8a85b264380b0d035
SSDEEP

24576:peUTwvZ+/e4VLLhyOaw9y/hYGK9bxK3TR40+q:kUsU/zVTy/hYlKpT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
411180e46b902ecd3b5898033e652c88_JaffaCakes118

Files

411180e46b902ecd3b5898033e652c88_JaffaCakes118
.exe windows:5 windows x86 arch:x86

72d174b315363e5b30f48992a9c21d3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellAboutW
SHBindToParent

secur32

DeleteSecurityContext
GetUserNameExW
FreeContextBuffer

kernel32

WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
VirtualAlloc
ExitProcess
SwitchToThread
DeleteCriticalSection
WaitForSingleObject
GetFileType
ReadFile
SetEndOfFile
GetCommModemStatus
CloseHandle
GetSystemInfo
TlsFree
CreateWaitableTimerW
LoadLibraryW
GetModuleHandleW
ExpandEnvironmentStringsW
OutputDebugStringW
FindResourceExW
GlobalAddAtomW
FindFirstFileW
CreateNamedPipeW
IsValidCodePage
MultiByteToWideChar
GetStringTypeW
SetCommTimeouts
GetCommandLineW
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CreateFileW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep

advapi32

RegCreateKeyExW

user32

OffsetRect
ScreenToClient
GetCaretBlinkTime
MessageBeep
SetWindowTextW
SetPropW
SetActiveWindow
GetMenuInfo
DeleteMenu
RemoveMenu
CreateMenu
PtInRect
LoadAcceleratorsW
GetActiveWindow
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
EndDeferWindowPos
FlashWindowEx
DestroyWindow
IsWindow
SendMessageW
ExitWindowsEx
ActivateKeyboardLayout
FindWindowExW
GetClassNameW
CopyIcon
CreateIcon
DdeQueryConvInfo
GetMenuState

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 458KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ors97
Size: 464KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6w03l
Size: 540KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6us2
Size: 878KB - Virtual size: 878KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.03uan
Size: 439KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72d174b315363e5b30f48992a9c21d3c

Headers

File Characteristics

Imports

shell32

secur32

kernel32

advapi32

user32

Sections

.text Size: 131KB - Virtual size: 131KB

.data Size: 458KB - Virtual size: 7.6MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.ors97 Size: 464KB - Virtual size: 464KB

.6w03l Size: 540KB - Virtual size: 539KB

.6us2 Size: 878KB - Virtual size: 878KB

.03uan Size: 439KB - Virtual size: 439KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 131KB - Virtual size: 131KB

.data
Size: 458KB - Virtual size: 7.6MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.ors97
Size: 464KB - Virtual size: 464KB

.6w03l
Size: 540KB - Virtual size: 539KB

.6us2
Size: 878KB - Virtual size: 878KB

.03uan
Size: 439KB - Virtual size: 439KB

.rsrc
Size: 363KB - Virtual size: 362KB