Static task: static1
Behavioral task: behavioral1
Sample: a326ac250be33b922a7faa5e011d906e_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: a326ac250be33b922a7faa5e011d906e_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: a326ac250be33b922a7faa5e011d906e_JaffaCakes118
Size: 821KB
MD5: a326ac250be33b922a7faa5e011d906e
SHA1: 75f56e32bd45dcd84857eed069b45891855298d5
SHA256: fc7dd450fc7fdd02397ccd60ffc85b69b3446adc707bd76a0eccf2e83f8e53b9
SHA512: 9c15f102cb2fbeb6de8d8cf66fc1b7b58b1e0209a7f4d6326f143f1f2605045c78dbea2465c29f24e7d8032d6814f38b5bf6c78b206855ad6461015d150039a8
SSDEEP: 12288:NVKZcUaxmia17WklqcoK2Gfj1PeM+r17EMEOHw8lPHefoxde/8Cin95cHZaV1x:Opx1qGqE2GfjInr1IyZn2J6QHQV1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a326ac250be33b922a7faa5e011d906e_JaffaCakes118
Files
a326ac250be33b922a7faa5e011d906e_JaffaCakes118.exe windows:5 windows x86 arch:x86
d825db4242630b046460ec32860867dd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_SetBkColor
ImageList_Destroy
mpr
WNetGetLastErrorW
WNetEnumResourceW
oleaut32
SysAllocStringLen
SafeArrayCreate
SafeArrayGetUBound
SafeArrayUnaccessData
CreateErrorInfo
VarNeg
VarR8FromStr
VariantClear
kernel32
GetConsoleCP
FlushFileBuffers
LCMapStringW
GetProcAddress
GetVersion
LocalAlloc
LocalFree
VirtualAlloc
HeapDestroy
HeapAlloc
ExitProcess
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
GetConsoleMode
ReleaseSemaphore
GetFileType
GetFileSize
ReadFile
SetFilePointer
CloseHandle
GetLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
FormatMessageW
GetNamedPipeInfo
lstrcmpiW
TlsFree
GetModuleHandleW
FindResourceExW
GetFullPathNameW
GetFileAttributesW
FindFirstFileW
GetVersionExW
MultiByteToWideChar
GetConsoleWindow
SetStdHandle
SetFilePointerEx
WriteConsoleW
LeaveCriticalSection
HeapSize
GetStringTypeW
HeapReAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
GetCommandLineW
IsProcessorFeaturePresent
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
EnterCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
CreateFileW
crypt32
CryptHashCertificate
CertControlStore
CryptEnumOIDInfo
user32
GetMenu
EqualRect
DestroyIcon
DdeAddData
DestroyAcceleratorTable
ole32
CoTaskMemAlloc
Sections
.text Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 752KB - Virtual size: 751KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 7.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE