04e540a93fa23416e80e5f10988c9405_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04e540a93fa23416e80e5f10988c9405_JaffaCakes118
Size

449KB
MD5

04e540a93fa23416e80e5f10988c9405
SHA1

7fc59a4221279638ccf9e81221e1b22de31f42a5
SHA256

6466dd7aa3ac97da74fc907168237e6bb83013ce930a2eaf06c473520cf9bd8d
SHA512

bf1995961c245d4fe0f315d40f92999aaeab72e5cfbb55b4b85b7ce87b2921c1f84dda00509cfb4c6579d62acc9e00e25fe76d1835960e4c93ccb0eb9dd2116b
SSDEEP

6144:JG+xiZlruMF2G7cv6V2dM5Bb/IYUbTv9tbbrNWOC+1C6cFurMi1v1X9044:JGuSlJ0d4dIJ/bbrMQcF5UX90h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04e540a93fa23416e80e5f10988c9405_JaffaCakes118

Files

04e540a93fa23416e80e5f10988c9405_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0856d3c1ecedf5b7d92c0d6764796447

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetModuleFileNameA
SetLastError
WriteConsoleOutputCharacterA
TlsFree
LeaveCriticalSection
GetLocaleInfoA
GetSystemTimeAsFileTime
IsDebuggerPresent
InterlockedIncrement
FreeResource
TlsSetValue
GetCurrentThread
VirtualQuery
TlsGetValue
TerminateProcess
DeleteCriticalSection
GetEnvironmentStrings
IsValidLocale
RtlUnwind
MultiByteToWideChar
GetCurrentThreadId
FreeEnvironmentStringsW
GetStartupInfoA
ExitProcess
LCMapStringA
GetEnvironmentStringsW
GetStringTypeA
GetModuleHandleA
GetDateFormatA
FreeEnvironmentStringsA
TlsAlloc
WriteFile
AddAtomA
InitializeCriticalSectionAndSpinCount
GetSystemDirectoryA
CreateSemaphoreW
GetUserDefaultLCID
HeapReAlloc
EnterCriticalSection
QueryPerformanceCounter
HeapSize
HeapAlloc
GetCurrentProcessId
WriteProfileSectionA
FindResourceExA
ContinueDebugEvent
VirtualAlloc
GetACP
CompareStringA
GetCPInfo
FindFirstFileExA
UnhandledExceptionFilter
SetHandleCount
GetEnvironmentVariableW
WriteConsoleOutputAttribute
GetProcAddress
EnumSystemLocalesA
GetModuleHandleW
InterlockedExchange
AddAtomW
LocalFlags
HeapFree
SetConsoleCtrlHandler
GetTimeFormatA
GetCommandLineA
GetStringTypeExA
GetTimeZoneInformation
lstrcmpi
VirtualFree
GetLocaleInfoW
GetCurrentProcess
GetFileType
WriteConsoleInputA
FreeLibrary
WaitForMultipleObjects
LoadLibraryA
IsValidCodePage
GetStringTypeW
GetOEMCP
CompareStringW
InterlockedDecrement
LCMapStringW
WideCharToMultiByte
SetUnhandledExceptionFilter
GetConsoleScreenBufferInfo
GetStdHandle
GetTickCount
GetLastError
Sleep
SetEnvironmentVariableA
SetLocaleInfoW
HeapCreate

comdlg32

LoadAlterBitmap
GetOpenFileNameA
ChooseFontA

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0856d3c1ecedf5b7d92c0d6764796447

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 8KB - Virtual size: 30KB

.data Size: 281KB - Virtual size: 280KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 8KB - Virtual size: 30KB

.data
Size: 281KB - Virtual size: 280KB

.rsrc
Size: 14KB - Virtual size: 13KB