1a40762fe3856fb160199339c18a360e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a40762fe3856fb160199339c18a360e_JaffaCakes118
Size

244KB
MD5

1a40762fe3856fb160199339c18a360e
SHA1

12d012ae822ec3ee997301d205bd7daa3ea6a84b
SHA256

68a7fb4ba15090996388bd08a76f29d94eb1d66ca70bc719d5a74c739da281de
SHA512

4496a8ba14a2b1dedd3730d76c1e6ca55378f41e94c717213443f7ef41ee0f627350dbd287e2983838ae9bf5006dfbc63d40339fc5adbed1a3646a034733c54f
SSDEEP

3072:QkPOMtXLEA6kkDYdhGxo8f2LkiCXl5/MMzu//ZaGD:Q4tXY5kPdtgxu/xzD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a40762fe3856fb160199339c18a360e_JaffaCakes118

Files

1a40762fe3856fb160199339c18a360e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e1ea85bbee9fc5739705a438c5cf8ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
ReadFile
SetEndOfFile
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
LCMapStringW
SetFilePointer
SetConsoleCtrlHandler
VirtualAlloc
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetFileType
CompareStringA
CompareStringW
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
TerminateProcess
CloseHandle
WinExec
GetDriveTypeA
CopyFileA
SetFileAttributesA
SetStdHandle
GetModuleFileNameA
ExitProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetLastError
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
SetEnvironmentVariableA

user32

KillTimer
RegisterHotKey
BeginPaint
GetClientRect
EndPaint
UnregisterHotKey
PostQuitMessage
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetDC
GetSystemMetrics
FillRect
DrawTextA
SetTimer

gdi32

CreateCompatibleBitmap
SelectObject
CreateSolidBrush
CreateFontA
SetBkMode
SetTextColor
DeleteObject
BitBlt
DeleteDC
CreateCompatibleDC

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.adate
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e1ea85bbee9fc5739705a438c5cf8ec

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 13KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 4KB

.adate Size: 64KB - Virtual size: 60KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 13KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 4KB

.adate
Size: 64KB - Virtual size: 60KB