073e1a0b02ce8195b844bbabcededdd9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

073e1a0b02ce8195b844bbabcededdd9_JaffaCakes118
Size

516KB
MD5

073e1a0b02ce8195b844bbabcededdd9
SHA1

3599f55cccde248fad8f235352d51700914c5a31
SHA256

b45d73fe297a0dd46a4cb58522224d28c1bf750988ce3388701ba4924080a731
SHA512

84f81d2a1f2729239eec0b55697a4b1023889c788d33df41a046d8eb924871a81afe90b5016d03c18b22a8767884e6fc558f61e29d2484061c87a8e2faa1ddf7
SSDEEP

12288://wv4SOari0ThDIQixekn/oXSNhajbw4q6://wQDOhDIVL/oXyqbwM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
073e1a0b02ce8195b844bbabcededdd9_JaffaCakes118

Files

073e1a0b02ce8195b844bbabcededdd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d7c96d8bd83a880bdb3c25165f84c72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

LCMapStringA
GetLocaleInfoA
HeapDestroy
GetLocaleInfoW
UnlockFileEx
GetModuleFileNameA
GetStartupInfoA
GetEnvironmentStrings
TlsFree
GetDateFormatA
MultiByteToWideChar
SetFilePointer
GetCurrentProcess
CreateMutexA
EnterCriticalSection
IsValidLocale
GetSystemInfo
LCMapStringW
GetStdHandle
FindAtomW
TerminateProcess
GetVersionExA
SetStdHandle
VirtualProtect
GetLastError
FindResourceA
IsBadWritePtr
GetCurrentProcessId
GetEnvironmentVariableW
SetConsoleTextAttribute
GetCurrentThreadId
UnhandledExceptionFilter
TlsGetValue
FreeEnvironmentStringsA
GetOEMCP
FreeEnvironmentStringsW
GetModuleHandleA
GetTimeFormatA
GetCurrentThread
HeapReAlloc
GetFileType
GetCPInfo
CompareStringA
ReadFile
ExitProcess
WriteFile
EnumSystemLocalesA
GetStringTypeW
TlsAlloc
InitializeCriticalSection
VirtualQuery
CreateFileA
InterlockedExchange
CloseHandle
VirtualFree
OpenProcess
IsValidCodePage
GetComputerNameW
HeapSize
GetTimeZoneInformation
VirtualAlloc
SetHandleCount
TlsSetValue
LoadLibraryA
RtlUnwind
OpenMutexA
CompareStringW
ConnectNamedPipe
GetUserDefaultLCID
FlushFileBuffers
HeapCreate
HeapFree
LeaveCriticalSection
MoveFileA
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetCommandLineA
SetConsoleScreenBufferSize
GetTickCount
WideCharToMultiByte
DeleteCriticalSection
TransmitCommChar
GetThreadTimes
GetPriorityClass
HeapAlloc
GetACP
EnumSystemCodePagesA
GetProcAddress
QueryPerformanceCounter
GetEnvironmentStringsW
SetLastError
GetStringTypeA

user32

RegisterWindowMessageW
DefDlgProcW
GetClassInfoExA
DrawStateW
RegisterClassA
GetUserObjectInformationW
CopyImage
GetMonitorInfoW
RegisterClassExA
DlgDirSelectComboBoxExA

shell32

ExtractIconExA
SHGetPathFromIDListA
SheSetCurDrive
SHFileOperationA

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d7c96d8bd83a880bdb3c25165f84c72

Headers

File Characteristics

Imports

comctl32

kernel32

user32

shell32

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 8KB - Virtual size: 12KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 8KB - Virtual size: 12KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 10KB - Virtual size: 9KB