0559c6bba603a094b4a8aeeada455e0b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0559c6bba603a094b4a8aeeada455e0b_JaffaCakes118
Size

667KB
MD5

0559c6bba603a094b4a8aeeada455e0b
SHA1

325f87838273e58064fb7bdfe1db52a4cc39d88f
SHA256

d816eacf83a10a45cd4e7b4dc8603cc7cc89c1da87e03d20dfcc240099de26db
SHA512

5cad86943b9d390920c49e3d741e18937ff3277abbd1435782b4149d04ca57a334767d8986f6d0db9a96d9911652339faa58abc50328c11fdb1875f6277a2fc3
SSDEEP

12288:6n2AxocgdQ2+P3ybnQX172FYs4E0uXEMJpdh4Q3kwn9u5bu5sTSQeXp:62AOcb2+vkUCN0Q1p0wAUQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0559c6bba603a094b4a8aeeada455e0b_JaffaCakes118

Files

0559c6bba603a094b4a8aeeada455e0b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bbe622d2828fbc8e04a7e76ce149346e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
Sleep
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
GetCurrentThreadId
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
CompareStringA
RaiseException
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
lstrlenA
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
FindFirstFileW
ResetEvent
FindNextFileW
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
InterlockedIncrement
GetVersion
SetEndOfFile
VirtualQuery
WriteConsoleA
TerminateProcess
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
GetCurrentThread
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
GetOEMCP
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
ExpandEnvironmentStringsA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
GetConsoleOutputCP
GetStdHandle
GetEnvironmentVariableA
RtlUnwind

user32

SetCursor
GetClientRect
SendMessageA
InvalidateRect
GetKeyState
GetSysColor
GetFocus
DialogBoxParamA
MessageBoxA
SetDlgItemTextA
EndDialog
SetForegroundWindow
LoadIconA
GetDlgItem
SetWindowTextA
SetWindowLongA
PostMessageA
IsIconic
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
SetFocus
DispatchMessageA
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
EnableMenuItem
LoadStringA
IsWindowEnabled
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
GetCursorPos
GetDC
IsWindow
SetWindowPos
ReleaseDC
PostQuitMessage

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 642KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbe622d2828fbc8e04a7e76ce149346e

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 23KB - Virtual size: 23KB

.data Size: 642KB - Virtual size: 642KB

.text
Size: 23KB - Virtual size: 23KB

.data
Size: 642KB - Virtual size: 642KB