8a70b47f5f610790846c90ec20c904aa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8a70b47f5f610790846c90ec20c904aa_JaffaCakes118
Size

149KB
MD5

8a70b47f5f610790846c90ec20c904aa
SHA1

755cfb36c85789d73dd0d06ea2ba16d85ef3ca2b
SHA256

c9c72a4e4bca170ccfb1b941241fc8f7930a22d100aca3987782271067c4ccbb
SHA512

c159bc077e000dc24c30dfa4fbd65129eb69e7ed967438926689787d31868e5e63a058e3a7cc85954b6cd40b7e6eda4cccbffdb0dfd35c5876435497d6145fdd
SSDEEP

3072:leHxIT8hgaUPEz8yy4LWlUYxcTDRysFEdAfak/wN3U+/:PT8z64CfKDQdAfaK+E+/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1.exe

Files

8a70b47f5f610790846c90ec20c904aa_JaffaCakes118
.rar
1.exe
.exe windows:1 windows x86 arch:x86

f315dc83158e669318b1433dd836d7f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalReAlloc
CloseHandle
TlsSetValue
GetProcAddress
FreeLibrary
GetFileSize
CreateMutexW
FormatMessageW
InterlockedCompareExchange
TlsAlloc
LockResource
GetTickCount
lstrlenW
GetACP
LoadLibraryA
SetStdHandle
SetLastError
InterlockedExchange
GetEnvironmentStrings
GetOEMCP
ResetEvent
GetCommandLineW
LocalFree
GetFileType
FreeEnvironmentStringsW
GetDiskFreeSpaceA
CreateSemaphoreW
QueryPerformanceCounter
CreateDirectoryA
DisableThreadLibraryCalls
MultiByteToWideChar
VirtualProtect
UnhandledExceptionFilter
CreateEventW
GetCurrentThreadId
lstrcmpA
TlsGetValue
HeapAlloc
TerminateProcess
LeaveCriticalSection
GetSystemInfo
HeapSize
lstrcmpiW
LCMapStringW
DeleteFileW
CreateFileMappingW
GetCurrentProcessId
GetModuleFileNameW
WideCharToMultiByte
SetThreadPriority
DuplicateHandle
GetCommandLineA
GetStdHandle
GetDriveTypeW
GlobalSize
LoadLibraryW
RtlUnwind
HeapDestroy
SetUnhandledExceptionFilter
RaiseException
CompareStringA
SetFilePointer
SizeofResource
GetCurrentProcess
VirtualAlloc
GetStringTypeW
GetFileAttributesW
WaitForSingleObject
GetStartupInfoA
GetLastError
CreateFileA
FindFirstFileA

user32

SendDlgItemMessageA
EnableWindow
SetWindowTextW
wsprintfA
GetDC
GetWindowPlacement
SetCapture
GetParent
SetTimer
SetWindowPos
DeleteMenu
GetSysColor
SendMessageA
PostMessageW
GetSystemMetrics
MoveWindow
CreateWindowExW
LoadStringW
GetCursorPos
GetDlgCtrlID
SetPropW
KillTimer
GetClassNameW
BringWindowToTop
SetCursor
LoadMenuW

msvcrt

qsort
_XcptFilter
??3@YAXPAX@Z
_adjust_fdiv
_amsg_exit
malloc
time
__dllonexit
_unlock
_initterm
memcpy
memset
??1type_info@@UAE@XZ

ntdll

ZwFindAtom

ole32

CoTaskMemAlloc

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 22KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f315dc83158e669318b1433dd836d7f9

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

ntdll

ole32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 3KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 1.1MB

.idata Size: 22KB - Virtual size: 23KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 56B

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 3KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 1.1MB

.idata
Size: 22KB - Virtual size: 23KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 56B