760b28caa78aa019e6a6143dce54fdef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

760b28caa78aa019e6a6143dce54fdef_JaffaCakes118
Size

2.7MB
MD5

760b28caa78aa019e6a6143dce54fdef
SHA1

c3d449da395fc5e6eebfa0aecff8d607456e5e44
SHA256

66b5a23e351520ff218f3d8954081b067a6fe57e757197a6a96372ba511d3ed4
SHA512

fe9f51524cf221e698550a3e41804a519a6de1aa581eefb6323cba77aaf76800a4122fa9a703964b3e8dfcded95cde950814d2ad53f981dcf095230026d2b4be
SSDEEP

49152:8Bgc88QXyl1ri1KwVlosvCom0PHEb9EcN9yOq6DePmQU4u/:GNQXyTi1KwVmen8DN9yOq6Di+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
760b28caa78aa019e6a6143dce54fdef_JaffaCakes118

Files

760b28caa78aa019e6a6143dce54fdef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ccdce36d71bdb9040cf5ba2098d7a7be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GlobalUnlock
VirtualAlloc
ExitProcess
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
GetFileSize
SetFilePointer
CloseHandle
GetSystemTime
CreateMutexW
CreateEventW
CreateProcessW
GetStartupInfoW
GetFullPathNameW
DeleteFileW
GetProcAddress
WideCharToMultiByte
CompareStringW
GetLocaleInfoW
GetUserDefaultLCID
FreeConsole
GetConsoleCP
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
MultiByteToWideChar
RtlUnwind
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
CreateFileW

user32

WindowFromPoint
AdjustWindowRectEx
GetDCEx
TrackPopupMenu
CreateMenu
DrawMenuBar
KillTimer
MsgWaitForMultipleObjectsEx
CharPrevW
GetDialogBaseUnits
BeginDeferWindowPos
MoveWindow
TranslateMessage
GetMessageW

comdlg32

FindTextW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 33.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccdce36d71bdb9040cf5ba2098d7a7be

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 880KB - Virtual size: 880KB

.data Size: 1.7MB - Virtual size: 33.9MB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 880KB - Virtual size: 880KB

.data
Size: 1.7MB - Virtual size: 33.9MB

.rsrc
Size: 23KB - Virtual size: 23KB