07f178cac97f4ed2f096e313d2e12ebf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07f178cac97f4ed2f096e313d2e12ebf_JaffaCakes118
Size

610KB
MD5

07f178cac97f4ed2f096e313d2e12ebf
SHA1

2145da23516a4bbc7cd8756c753043100658e257
SHA256

b825f61d14a5a961c7252fcf69dbe4bcce3e636cd2f699ca047e450b0d85cb1f
SHA512

59fb2b05aa05621f30ba16a500b4286104804d948b9d095e97c42f7eb655b8218a00ad97716c859c44c18421f61a5445d823cd5889e56ba16c3ef420b83d25ad
SSDEEP

12288:kh5gpEEHbCgZmkkBZykuDqD2KLyhND88x1IhDKks:kfgpEE7Hy0k2KLyhltd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07f178cac97f4ed2f096e313d2e12ebf_JaffaCakes118

Files

07f178cac97f4ed2f096e313d2e12ebf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

144063112f019a823d9965f304197b7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

DrawEdge
GrayStringW
ChildWindowFromPointEx
GetAncestor
TranslateAccelerator
SystemParametersInfoW
GetClassInfoA
SetScrollPos
GetDlgItem
GetListBoxInfo
RegisterClassA
ClipCursor
CharPrevExA
CharLowerBuffW
ChangeDisplaySettingsA
LoadCursorFromFileA
SetWindowsHookExW
RegisterClassExA
GetMenu
DialogBoxIndirectParamW
DialogBoxParamW
SetClassWord

kernel32

CompareStringA
EnumSystemLocalesA
GetModuleFileNameW
OpenMutexA
QueryPerformanceCounter
GetStringTypeW
EnterCriticalSection
GetConsoleMode
SetStdHandle
GetEnvironmentStrings
VirtualFree
InitializeCriticalSection
GetTimeZoneInformation
HeapDestroy
CloseHandle
InterlockedExchange
GetProcAddress
GetTempPathA
RtlUnwind
GlobalGetAtomNameW
CreateFileA
SetUnhandledExceptionFilter
GetCurrentProcessId
HeapReAlloc
TerminateProcess
GetTimeFormatA
TlsSetValue
DeleteAtom
GetCurrentThreadId
TlsFree
GetFileType
WriteFile
HeapAlloc
OpenFile
CreateRemoteThread
GetUserDefaultLCID
GetCurrentProcess
LeaveCriticalSection
VirtualQuery
CreateWaitableTimerA
SetEnvironmentVariableA
Sleep
FreeEnvironmentStringsW
GetVersionExA
HeapFree
WriteConsoleW
TlsAlloc
DeleteCriticalSection
GetStringTypeA
GetACP
IsValidCodePage
HeapSize
IsDebuggerPresent
WriteConsoleA
ExitProcess
MultiByteToWideChar
SetConsoleCtrlHandler
FlushFileBuffers
GetProcessHeap
LoadLibraryA
FreeLibrary
GetStartupInfoA
SetFilePointer
SetLastError
CreateMutexA
GetConsoleOutputCP
GetCommandLineA
DosDateTimeToFileTime
UnhandledExceptionFilter
TlsGetValue
GetLastError
FreeEnvironmentStringsA
GetLocaleInfoA
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThread
InterlockedDecrement
IsValidLocale
GetDateFormatA
VirtualAlloc
ReadFile
GetCPInfo
GetConsoleCP
GetOEMCP
GetLocaleInfoW
WideCharToMultiByte
GetModuleHandleA
LCMapStringA
HeapCreate
GetEnvironmentStringsW
GetStartupInfoW
GetStdHandle
CompareStringW
ConvertDefaultLocale
SetHandleCount
TransactNamedPipe
LCMapStringW
GetCommandLineW
GetModuleFileNameA
InterlockedIncrement

Sections

.text
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

144063112f019a823d9965f304197b7d

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 269KB - Virtual size: 269KB

.rdata Size: 9KB - Virtual size: 29KB

.data Size: 320KB - Virtual size: 320KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 269KB - Virtual size: 269KB

.rdata
Size: 9KB - Virtual size: 29KB

.data
Size: 320KB - Virtual size: 320KB

.rsrc
Size: 10KB - Virtual size: 9KB