8fa629dc18d8ed33f4ed240742a7c3ce_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8fa629dc18d8ed33f4ed240742a7c3ce_JaffaCakes118
Size

237KB
MD5

8fa629dc18d8ed33f4ed240742a7c3ce
SHA1

f2ccec2f02a32d2ac32b6d6e1e827a4cfe49e269
SHA256

6fca5aa2d12a72a27d1f81b0333a6e2c93342bb3ec9bb81497ad1dbdcd50584c
SHA512

360e59bbe1494652279cb69e39165c21b0499b5955cd9de4013f9c40db8af1e183389414e5fb634e30fb8d08650c437e1506b2f1e0cb9376c0367fe49d54fb00
SSDEEP

3072:W2tOC6Ylcb/z57LNrzhdexuH+0c0XutC/Tekvu12Fbbj:W2j5KpLNvh+q+90+toTe0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
8fa629dc18d8ed33f4ed240742a7c3ce_JaffaCakes118

Files

8fa629dc18d8ed33f4ed240742a7c3ce_JaffaCakes118
.exe windows:5 windows x86 arch:x86

82a3202c0278063eeb11b0b875593d91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
EnumTimeFormatsW
FindAtomW
VirtualProtect
GetThreadTimes
GetSystemTimeAdjustment
WriteConsoleOutputCharacterA
GlobalAlloc
FatalExit
TerminateProcess
GetTickCount
FindCloseChangeNotification
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryW
GetLastError
FindFirstChangeNotificationA
LocalFree
HeapFree
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
ReadFile
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
CloseHandle
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW

user32

PeekMessageW
ScrollWindow
CreateWindowExA
LookupIconIdFromDirectory
LoadIconW
GetNextDlgTabItem
GetMenuInfo
SetParent
SetThreadDesktop

gdi32

CreateCompatibleDC
SetViewportOrgEx
CreateCompatibleBitmap

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82a3202c0278063eeb11b0b875593d91

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 133KB - Virtual size: 293KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 133KB - Virtual size: 293KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 4KB - Virtual size: 4KB