01d7ca24d577694f128381e18c352ac2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

01d7ca24d577694f128381e18c352ac2_JaffaCakes118
Size

421KB
MD5

01d7ca24d577694f128381e18c352ac2
SHA1

83df52c3c7be967d6c8c1568a283609fd0210e92
SHA256

579ced1e749ab95317f0317f647399ff9f6e9b84c936c30ca47ebdadaa09cffd
SHA512

5c69cbab957fd1b8a0ec7c309dbd8c33f438fe5a6c2041a2cb290b49d05b5b165d08ec72af0b03dde6979c62916c94a1ddf67ab682f5dd01c8636b2c148ac413
SSDEEP

6144:A6biH2WSah1x1P66deYpskEjeYZA3Pqhg/ME8N6BSuFZzje2:lbO3hC6jpi/ZIqE38NAZu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01d7ca24d577694f128381e18c352ac2_JaffaCakes118

Files

01d7ca24d577694f128381e18c352ac2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

953c9a0b09699dcf05600b2186d4c7b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControls

kernel32

VirtualAlloc
GetFileSize
ReadFile
WriteFile
CloseHandle
CreateFileA
SetFilePointer
VirtualFree
GetVersion
TerminateProcess
GetCurrentProcess
RaiseException
RtlUnwind
SetStdHandle
HeapAlloc
GetStringTypeA
LCMapStringW
GetProcAddress
GetModuleHandleA
GetLastError
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
CopyFileA
ExitProcess
HeapFree
IsBadCodePtr
GetStringTypeW
GetFileType
LCMapStringA
FlushFileBuffers
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LockResource
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
IsBadReadPtr

shell32

DragQueryFile

user32

GetDlgItem
SetDlgItemTextA
PostQuitMessage
SendMessageA
DialogBoxParamA
LoadIconA

Sections

Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 112KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

953c9a0b09699dcf05600b2186d4c7b5

Headers

File Characteristics

Imports

comctl32

kernel32

shell32

user32

Sections

Size: 52KB - Virtual size: 56KB

Size: 3KB - Virtual size: 8KB

Size: 4KB - Virtual size: 16KB

Size: 112KB - Virtual size: 612KB

Size: 130KB - Virtual size: 132KB

Size: 1KB - Virtual size: 4KB

.rsrc Size: 113KB - Virtual size: 116KB

.rsrc
Size: 113KB - Virtual size: 116KB