0142ae53e608c6a30c861393166686b8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0142ae53e608c6a30c861393166686b8_JaffaCakes118
Size

557KB
MD5

0142ae53e608c6a30c861393166686b8
SHA1

6cfe4f45ed94cca2529fd0629c456d59e8262c4d
SHA256

0b823826415868b035126b7fa183e6fd4d772acec75370815ed86dd2d4857f30
SHA512

00447aa054018f247397a9a6a4ef031809b151452a95590b912d82da1fe040454fd7f3c41636022416433a5c0cb431ff317f65c2b087e504decd2599b9cfb352
SSDEEP

12288:8MtxaFevTMJG4cYJjENVStbQAJCvhFf2ilsmMi0musoGp+:8MvaFevTMJGbV3A4pEysmEfGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0142ae53e608c6a30c861393166686b8_JaffaCakes118

Files

0142ae53e608c6a30c861393166686b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8f49817c0a38182f93f7175eef51cdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

MsgWaitForMultipleObjectsEx
LoadMenuW
ShowWindow
GetNextDlgTabItem
CreateDesktopA
GetIconInfo
CharLowerBuffW
MapVirtualKeyW
BroadcastSystemMessage
PackDDElParam
ExitWindowsEx
ChangeDisplaySettingsExW
TrackMouseEvent
RegisterClassExA
EnumDisplayMonitors
LoadCursorA
RegisterClassA
GetClassWord
IsWindowEnabled
CharNextA
LoadMenuIndirectW
SetParent
SetThreadDesktop
DrawEdge
CharUpperA
LoadMenuA

kernel32

GetLocaleInfoW
GetModuleHandleA
LeaveCriticalSection
FreeLibrary
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
GetCPInfo
WideCharToMultiByte
SetUnhandledExceptionFilter
HeapDestroy
EnumSystemLocalesA
IsDebuggerPresent
GetDateFormatA
GetConsoleCP
TlsAlloc
CreateMutexA
GetCurrentProcess
GetOEMCP
SetHandleCount
InterlockedExchange
GetFileType
QueryPerformanceCounter
GetACP
ExitProcess
HeapSize
GetTickCount
CreateFileA
SetEnvironmentVariableA
TlsFree
FreeEnvironmentStringsW
LCMapStringW
GetEnvironmentStrings
SetConsoleCtrlHandler
ReadFile
InterlockedDecrement
GetUserDefaultLCID
TlsGetValue
GetCurrentProcessId
DeleteCriticalSection
GetEnvironmentStringsW
RtlUnwind
FreeEnvironmentStringsA
GetCurrentThread
GetLocaleInfoA
CompareStringW
SetFilePointer
OpenMutexA
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetStdHandle
GetProcAddress
SetLastError
CloseHandle
CompareStringA
GetSystemTimeAsFileTime
TlsSetValue
HeapAlloc
LCMapStringA
GetCommandLineA
HeapFree
SetStdHandle
VirtualFree
MultiByteToWideChar
GetConsoleMode
GetLastError
GetTimeFormatA
WriteConsoleW
GetModuleFileNameA
LoadLibraryA
HeapCreate
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
InitializeCriticalSection
Sleep
GetProcessHeap
FlushFileBuffers
GetVersionExA
VirtualAlloc
InterlockedIncrement
IsValidCodePage
HeapReAlloc
TerminateProcess
WriteFile
EnterCriticalSection
GetTimeZoneInformation
CreateSemaphoreW

comdlg32

ChooseColorW
ChooseFontW

wininet

InternetReadFileExW
SetUrlCacheConfigInfoA
InternetLockRequestFile
SetUrlCacheEntryInfoA

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8f49817c0a38182f93f7175eef51cdd

Headers

File Characteristics

Imports

comctl32

user32

kernel32

comdlg32

wininet

Sections

.text Size: 179KB - Virtual size: 178KB

.rdata Size: 9KB - Virtual size: 32KB

.data Size: 359KB - Virtual size: 359KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 9KB - Virtual size: 32KB

.data
Size: 359KB - Virtual size: 359KB

.rsrc
Size: 8KB - Virtual size: 7KB