859964701c8b6e15ea63d88bffeec9db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

859964701c8b6e15ea63d88bffeec9db_JaffaCakes118
Size

844KB
MD5

859964701c8b6e15ea63d88bffeec9db
SHA1

9d2d31dfa62cba7eed138574e4465c90f8c5e215
SHA256

e2097ba88f3760d46f537cfcfcc5405b341b9dfceeb6437d82d7c4c5022129a5
SHA512

81ce169c6547cf3c3c48e79133e4bc76ea474d82c84a3e0369c0b030cd6c2962197ae6106c05e5141f680ca38c5b5b1f866393dcd9d40b5dcf2ce6d8906197fe
SSDEEP

12288:RipJccqRbcNVemkLwEcRRNR7S+fDdYr5HyYIc04jj5BMNY/BlVNXMDJach78ap3l:0zH4sersEM9WMC85cpjj/HRtiJ/p3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859964701c8b6e15ea63d88bffeec9db_JaffaCakes118

Files

859964701c8b6e15ea63d88bffeec9db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

977dbf6e20e82d78f8fda71ae2fc9899

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
FindClose
CloseHandle
GetSystemInfo
TlsAlloc
CreateMutexW
ExpandEnvironmentStringsW
FindResourceExW
GetSystemDirectoryW
GetFileAttributesW
FindNextFileW
QueryPerformanceCounter
IsValidCodePage
GetOEMCP
DeleteCriticalSection
CompareStringW
LCMapStringW
GetUserDefaultLCID
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetCurrentThreadId
FreeEnvironmentStringsW
GetEnvironmentStringsW
ExitProcess
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
VirtualAlloc
GetProcAddress
GlobalFree
GlobalUnlock
GlobalAlloc
MultiByteToWideChar
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LeaveCriticalSection
GetACP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapSize
CreateFileW

user32

GetIconInfo
GetWindowDC
CreatePopupMenu
GetKeyboardType
GetDlgItemTextW
ShowOwnedPopups
SendMessageW
ActivateKeyboardLayout

comctl32

ImageList_Write
InitializeFlatSB
CreateStatusWindowW
ImageList_GetImageInfo
ImageList_Read
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_BeginDrag
ImageList_AddMasked
ImageList_Replace
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx
DestroyPropertySheetPage

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 751KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

977dbf6e20e82d78f8fda71ae2fc9899

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 79KB - Virtual size: 78KB

.data Size: 751KB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 9KB - Virtual size: 12KB

.text
Size: 79KB - Virtual size: 78KB

.data
Size: 751KB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 9KB - Virtual size: 12KB