04d93d7f733df7261dd6ad78387013af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04d93d7f733df7261dd6ad78387013af_JaffaCakes118
Size

350KB
MD5

04d93d7f733df7261dd6ad78387013af
SHA1

4d0096be3d3ca4e0ba801c0da7f3087bb852015f
SHA256

49c2dcf7073e9a013416f9cc57a467b06a8b9a6c8db7e3d8a4e98d5a5f7fdc69
SHA512

384e4dd8018143481d1527bfa09cba3f28ab1a910166dc3201d8bba051173d9b6df7efc5712c98781029c8e01f2d6c766e7fcae02097dafebed29c376e038824
SSDEEP

6144:gAL/6Ivd6WFFs0TJZczikRVEfHw0F2HGIUTwiPD8FjOF7:g6/Hvd6W/J3RgHJUMVqF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04d93d7f733df7261dd6ad78387013af_JaffaCakes118

Files

04d93d7f733df7261dd6ad78387013af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57bd19bf4a5f94bf2dd72a15f16be0c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
SetStdHandle
ReadFile
GetSystemInfo
GetLastError
CompareStringW
GetStartupInfoA
LocalSize
GetDateFormatA
SetFilePointer
IsValidLocale
HeapAlloc
TlsSetValue
FreeEnvironmentStringsA
LoadLibraryA
CreateMutexA
IsBadWritePtr
SetHandleCount
TerminateProcess
GetProcAddress
LCMapStringA
InterlockedExchange
HeapFree
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
GetModuleHandleA
TlsAlloc
GetStringTypeW
LCMapStringW
DeleteCriticalSection
GetTimeZoneInformation
CloseHandle
GetModuleFileNameA
GetUserDefaultLCID
GetOEMCP
GetFileType
WriteFile
QueryPerformanceCounter
FreeEnvironmentStringsW
GetCommandLineA
VirtualFree
GetACP
GetLocaleInfoA
FlushFileBuffers
GetStdHandle
HeapReAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleFileNameW
HeapSize
SetEnvironmentVariableA
GetTickCount
GetVersionExA
GetSystemTimeAsFileTime
VirtualAlloc
GetLocaleInfoW
TlsGetValue
EnterCriticalSection
VirtualQuery
OpenMutexA
HeapCreate
SetLastError
LeaveCriticalSection
EnumSystemLocalesA
InitializeCriticalSection
ExitProcess
UnhandledExceptionFilter
TlsFree
GetCommandLineW
GetCurrentProcessId
HeapDestroy
GetCurrentThread
GetCurrentThreadId
GetStringTypeA
GetStartupInfoW
IsValidCodePage
VirtualProtect
CompareStringA
GetTimeFormatA

user32

InvalidateRgn
DdeImpersonateClient
GetQueueStatus
RegisterClassA
ShowWindowAsync
RegisterWindowMessageW
GetWindowInfo
DefWindowProcA
DdeQueryConvInfo
RegisterClassExA
SetSysColors
InsertMenuItemA
SendIMEMessageExA
DlgDirSelectComboBoxExW

comctl32

InitCommonControlsEx

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57bd19bf4a5f94bf2dd72a15f16be0c0

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 7KB - Virtual size: 19KB

.data Size: 170KB - Virtual size: 170KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 7KB - Virtual size: 19KB

.data
Size: 170KB - Virtual size: 170KB

.rsrc
Size: 15KB - Virtual size: 15KB