4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118
Size

251KB
MD5

4247b2cae5c018ee0134feb6695bf7e7
SHA1

5fd1acfc04be9afc9e31e868cab37b7f10a669a3
SHA256

a67f34f84d7cc2ab0c2e9652f7fa0cc43985969dd8751fb2ab0abab2a892d412
SHA512

ee359f1b805c476549b3d869ab3317f8265c96155030e253a62626f21cf0ef5962c777c59e195726132dfe6b1ff40b5afc0aca42d4f9e0f0140b6be7cfa32be2
SSDEEP

6144:7v+MG0F7zG2lIEp6FzlcruO8zrP6HySZ:7LG0F7yWalINUg/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118

Files

4247b2cae5c018ee0134feb6695bf7e7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

683b2937d010f7dd5b2ae3d7775f8106

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostMessageA
CreateWindowExA
EndPaint
GetWindowLongA
DialogBoxParamA
DefWindowProcA
EnableMenuItem
GetWindowRect
SendMessageA
SetWindowPos
GetMenu
GetMessageA
TranslateMessage
DispatchMessageA
MessageBeep
LoadIconA
LoadCursorA
RegisterClassA
GetSystemMetrics

comdlg32

GetOpenFileNameA

kernel32

TlsSetValue
CloseHandle
CreateFileA
ReadFile
GetLocaleInfoW
HeapSize
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapReAlloc
VirtualAlloc
LCMapStringW
LCMapStringA
SetFilePointer
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
SetEnvironmentVariableA
GetProcAddress
HeapAlloc
GetProcessHeap
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetModuleHandleW
Sleep
ExitProcess
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
HeapFree
GetTimeZoneInformation
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
CompareStringA
CompareStringW

Sections

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

683b2937d010f7dd5b2ae3d7775f8106

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

kernel32

Sections

.text Size: 213KB - Virtual size: 213KB

.data Size: 4KB - Virtual size: 91KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 213KB - Virtual size: 213KB

.data
Size: 4KB - Virtual size: 91KB

.rsrc
Size: 32KB - Virtual size: 32KB