92a98d0dea789bbbf9711175ea981e5b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

92a98d0dea789bbbf9711175ea981e5b_JaffaCakes118
Size

1.2MB
MD5

92a98d0dea789bbbf9711175ea981e5b
SHA1

891203ef9727a79e71615ed35e4c64909ae9e2ae
SHA256

fe733c761ac92f3dc33eb1d32b86412025c8dbf729b830b6fe8e7d421d3d4f7d
SHA512

138ca5d72e9d490f1d5054989bceb464151d216af8ea77d75a9d3f0cf95955eb14abd370c3cdb15c15a72c3707e0e13f9162eea34d5122dd7116bf86ff31041c
SSDEEP

12288:FT8roIpQVJJcl09zirOQrImWTGP+J7/Sbz+jqynfLU9qdIMIwQPD6Hx3Rl0:FTVlDJ60xzQ6z7/SlyjjNDHdRl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92a98d0dea789bbbf9711175ea981e5b_JaffaCakes118

Files

92a98d0dea789bbbf9711175ea981e5b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b64d943da434aa9968c40a6fa93ff4f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
GetModuleHandleW
OutputDebugStringW
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
GetLocaleInfoW
GetStringTypeW
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
FormatMessageW
FileTimeToSystemTime
CloseHandle
ReadFile
WaitForMultipleObjects
LeaveCriticalSection
GetLastError
GetCurrentThreadId
HeapSize
HeapFree
HeapAlloc
VirtualAlloc
GetProcAddress
GlobalAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection

oleaut32

CreateErrorInfo
GetErrorInfo
LoadTypeLi
VarNot
VarBoolFromStr
VarBstrFromBool
VarBstrFromDate
VarCyFromStr
VarDateFromStr
VariantChangeTypeEx
VariantCopy
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayRedim
SysFreeString

comctl32

_TrackMouseEvent
FlatSB_SetScrollInfo
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Remove
ImageList_SetOverlayImage
ImageList_Create
InitCommonControlsEx
ord17

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mi5i6n
Size: 733KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b64d943da434aa9968c40a6fa93ff4f3

Headers

File Characteristics

Imports

kernel32

oleaut32

comctl32

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 11KB - Virtual size: 6.5MB

.mi5i6n Size: 733KB - Virtual size: 732KB

.rsrc Size: 370KB - Virtual size: 369KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 11KB - Virtual size: 6.5MB

.mi5i6n
Size: 733KB - Virtual size: 732KB

.rsrc
Size: 370KB - Virtual size: 369KB