061c45a174696205d0c1bc538d7c12b8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

061c45a174696205d0c1bc538d7c12b8_JaffaCakes118
Size

275KB
MD5

061c45a174696205d0c1bc538d7c12b8
SHA1

20a5308ffef19fa460ba46b9d9d4a879e4fbf449
SHA256

5877f281a4203ea50f95dcde518bd70809646f7434661dbc24c693f1f1fa93c2
SHA512

f3d7badf622b545302f5e94198c0016c7a8fa218b8746ad6e4d82f2e146f3b2615299493e6470efc1fc24bc79d30fbf9d68f5c9a2cf0c821425eb55f0cfeefcc
SSDEEP

6144:oezA5EnknTZD+9Y6U+NUYYRm83k7t6PirKVPl3k+ZEbZZ+E82uMO:o1TZD+9Y63Ne2MirKxl3k+qbZ5M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
061c45a174696205d0c1bc538d7c12b8_JaffaCakes118

Files

061c45a174696205d0c1bc538d7c12b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a67a1d29fd487ac51dd0926e8f4ac067

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
IsDebuggerPresent
CompareStringA
DeleteCriticalSection
HeapCreate
FreeLibrary
HeapAlloc
LoadLibraryA
GetCurrentThread
TlsFree
EnterCriticalSection
GlobalDeleteAtom
FreeEnvironmentStringsW
GetLastError
WriteFile
SetUnhandledExceptionFilter
GetEnvironmentStringsW
InitializeCriticalSection
InterlockedDecrement
EnumSystemLocalesA
VirtualFree
GetProcessHeap
InterlockedIncrement
GetStartupInfoA
GetTimeZoneInformation
LCMapStringA
GetUserDefaultLCID
HeapSize
GetProcAddress
GetCPInfo
HeapDestroy
HeapFree
CompareStringW
GetOEMCP
GetProfileSectionA
LCMapStringW
VirtualQuery
TlsAlloc
LeaveCriticalSection
TlsSetValue
GetFileType
MultiByteToWideChar
GetCommandLineA
GetVersionExA
HeapReAlloc
Sleep
ExitProcess
GetACP
FreeEnvironmentStringsA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetHandleCount
GetModuleHandleA
GetStringTypeW
SetConsoleCtrlHandler
SetEnvironmentVariableA
GetCurrentThreadId
UnhandledExceptionFilter
IsValidCodePage
GetLocaleInfoW
GetTimeFormatA
GetCurrentProcessId
GetModuleFileNameA
SetLastError
GetLocaleInfoA
lstrcmpA
GetTickCount
IsValidLocale
GetDateFormatA
GetStringTypeA
WideCharToMultiByte
TlsGetValue
RtlUnwind
GetStdHandle
GetSystemTimeAsFileTime
InterlockedExchange

comdlg32

PageSetupDlgW
ChooseFontA
ReplaceTextA
GetFileTitleW
GetSaveFileNameW
LoadAlterBitmap
GetSaveFileNameA
ReplaceTextW
GetOpenFileNameW
PrintDlgA
ChooseColorA
PageSetupDlgA

user32

ScreenToClient
GetKeyboardState
DestroyCursor
GetNextDlgGroupItem
DrawTextExW
wsprintfW
GetAncestor
DdeCreateDataHandle
wvsprintfW
ChildWindowFromPointEx
GetIconInfo
EndDialog
GetKeyboardLayoutList
LoadImageA

gdi32

SetMetaRgn

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a67a1d29fd487ac51dd0926e8f4ac067

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

gdi32

Sections

.text Size: 132KB - Virtual size: 132KB

.data Size: 139KB - Virtual size: 158KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 132KB - Virtual size: 132KB

.data
Size: 139KB - Virtual size: 158KB

.rsrc
Size: 2KB - Virtual size: 2KB