991c3536ea1fafe361dba37c78012e12_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

991c3536ea1fafe361dba37c78012e12_JaffaCakes118
Size

844KB
MD5

991c3536ea1fafe361dba37c78012e12
SHA1

241b2428091e4f71caf19678119a26162095218b
SHA256

7a608d04218e78bc0993210668cf544ab9ca6d274dff7c41fe252b9fba1b7e4a
SHA512

0e93ed32255a18e9075206f5a43a88109e410e584844af40c59a8a5ce5a393fac4ba6efc4e0894d93952416d593f492cf0c16768b72bdd9c08832d6da638799b
SSDEEP

24576:03rpGQIlOYYiVLbzGLf+lIDf+KtiJ/pWl:03rpGblOYYi5Xufv4Wl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
991c3536ea1fafe361dba37c78012e12_JaffaCakes118

Files

991c3536ea1fafe361dba37c78012e12_JaffaCakes118
.exe windows:5 windows x86 arch:x86

977dbf6e20e82d78f8fda71ae2fc9899

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
FindClose
CloseHandle
GetSystemInfo
TlsAlloc
CreateMutexW
ExpandEnvironmentStringsW
FindResourceExW
GetSystemDirectoryW
GetFileAttributesW
FindNextFileW
QueryPerformanceCounter
IsValidCodePage
GetOEMCP
DeleteCriticalSection
CompareStringW
LCMapStringW
GetUserDefaultLCID
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetCurrentThreadId
FreeEnvironmentStringsW
GetEnvironmentStringsW
ExitProcess
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
VirtualAlloc
GetProcAddress
GlobalFree
GlobalUnlock
GlobalAlloc
MultiByteToWideChar
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LeaveCriticalSection
GetACP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapSize
CreateFileW

user32

GetIconInfo
GetWindowDC
CreatePopupMenu
GetKeyboardType
GetDlgItemTextW
ShowOwnedPopups
SendMessageW
ActivateKeyboardLayout

comctl32

ImageList_Write
InitializeFlatSB
CreateStatusWindowW
ImageList_GetImageInfo
ImageList_Read
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_BeginDrag
ImageList_AddMasked
ImageList_Replace
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx
DestroyPropertySheetPage

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 751KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

977dbf6e20e82d78f8fda71ae2fc9899

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 79KB - Virtual size: 78KB

.data Size: 751KB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 9KB - Virtual size: 12KB

.text
Size: 79KB - Virtual size: 78KB

.data
Size: 751KB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 9KB - Virtual size: 12KB