16446b1bd222f2abf74ea4a571815740_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16446b1bd222f2abf74ea4a571815740_JaffaCakes118
Size

857KB
MD5

16446b1bd222f2abf74ea4a571815740
SHA1

c40b96de1146219629bc4d41ca610e050854d241
SHA256

0c329d6de13aac8dd50190c955a0dd90300eee5b7e53e598ed0d483767760b66
SHA512

24665f06efd89e5f4c0c2c4c519c5eaa4e9f2d73fad0b733b26e96a8aa722d39bdf1fa2ba3b903c0ee7bf35ce9eb104f3a3eb822678c7e6a0f9e480c94c3ddfd
SSDEEP

24576:W8BbrBqQsUNUhRMLXboT88F3cZm2hc1MiLNI0s/b:5bEWq4kI8F3cZZvD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16446b1bd222f2abf74ea4a571815740_JaffaCakes118

Files

16446b1bd222f2abf74ea4a571815740_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e05d8a847a90b1d8d53509421f243d7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
LoadLibraryA
TlsFree
GetModuleFileNameW
GetCommandLineA
CreateFileW
GetFileAttributesA
LeaveCriticalSection
CreateMutexA
FileTimeToLocalFileTime
EnumSystemLocalesA
EnterCriticalSection
LocalReAlloc
FreeLibrary
GetTempFileNameW
GetFileType
CreateMutexW
LoadResource
SetThreadPriority
UnlockFile
GetSystemDirectoryA
GetVersionExW
IsValidLocale
GetLocaleInfoA
GetConsoleCP
SetHandleCount
ExpandEnvironmentStringsW
lstrlenW
GetSystemTimeAsFileTime
TlsAlloc
IsDebuggerPresent
ExitProcess
FreeEnvironmentStringsA
HeapFree
GetEnvironmentVariableW
WideCharToMultiByte
FindResourceA
GetCommandLineW
GetPrivateProfileStringW
ReleaseMutex
CreateEventA
MapViewOfFile
HeapReAlloc
GetDriveTypeA
GetUserDefaultLCID
LockResource
VirtualAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount

msvcrt

__getmainargs
_vsnprintf
__CxxFrameHandler
_unlock
??_U@YAPAXI@Z
_onexit
__setusermatherr
isdigit
??2@YAPAXI@Z
__p__commode
_wtol
malloc
_stricmp
wcsncmp
_wcsnicmp
??0exception@@QAE@ABV0@@Z
exit
memset
__set_app_type

user32

ReleaseCapture
GetIconInfo
GetSysColorBrush
GetClientRect
GetWindowTextA
BringWindowToTop
GetCursorPos
InflateRect
RegisterClassExW
DrawIcon
SetCursor
RegisterClassA
IsWindow
GetMenuItemCount
CallWindowProcA
UpdateWindow
GetWindowLongA
DrawTextW
SetWindowRgn
IsDlgButtonChecked
KillTimer
SetWindowsHookExW
LoadImageW
LoadBitmapA
ShowWindow

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 617KB - Virtual size: 617KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e05d8a847a90b1d8d53509421f243d7e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 617KB - Virtual size: 617KB

.data Size: 107KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 617KB - Virtual size: 617KB

.data
Size: 107KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B