1a4e232e7ccb1b7b06ec5d73b0649117_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1a4e232e7ccb1b7b06ec5d73b0649117_JaffaCakes118
Size

373KB
MD5

1a4e232e7ccb1b7b06ec5d73b0649117
SHA1

6a8950a743123e690a38baf78b8b87c68f79c057
SHA256

38574f39df04ac1765c684ea6379165e6db4346fbeff6ec32ac3fe314ea1b6f2
SHA512

389b91ff23660a2848a6a7d0fccf6649f4fdcb9cf40596997ffed026ba58cfd9a2dfa2c9e401159f9771430c0578208abb6a4af96757f8cb286525547933c091
SSDEEP

6144:YcQsyHvorQXdI4VAgrwF6P1Vj/Gw/WwrvQ4BYxUr4Ya8x9E0n0dVGq4PcYvBDhVk:YcQsmoUORg8QPLj+yWYvQ4Os4XK97n0j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a4e232e7ccb1b7b06ec5d73b0649117_JaffaCakes118

Files

1a4e232e7ccb1b7b06ec5d73b0649117_JaffaCakes118
.exe windows:4 windows x86 arch:x86

406981a27a124541f3d73effa4dcb0e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
CompareStringW
GetCurrentProcess
GetCurrentThreadId
SetHandleCount
EnumSystemLocalesA
GetLastError
GetFileType
CompareStringA
GetProcAddress
HeapSize
FlushFileBuffers
ReadFile
ExitProcess
GetOEMCP
OpenMutexA
GetEnvironmentStringsW
LoadLibraryA
GetEnvironmentStrings
SetLastError
ReadConsoleOutputW
TlsSetValue
GetUserDefaultLCID
QueryPerformanceCounter
InterlockedExchange
SetEnvironmentVariableA
FreeEnvironmentStringsA
TlsGetValue
WideCharToMultiByte
VirtualQuery
GetCommandLineA
LCMapStringW
GetCurrentProcessId
HeapReAlloc
MultiByteToWideChar
GetTimeFormatA
GetStringTypeA
GetModuleFileNameW
GetVersionExA
WriteFile
VirtualAlloc
TlsAlloc
HeapAlloc
HeapDestroy
GetSystemTimeAsFileTime
RtlUnwind
IsValidLocale
GetCPInfo
GetTimeZoneInformation
EnterCriticalSection
LCMapStringA
TerminateProcess
TransmitCommChar
VirtualFree
GetACP
CloseHandle
GetLocaleInfoA
SetStdHandle
UnhandledExceptionFilter
GetStringTypeW
GetStartupInfoW
GetCommandLineW
VirtualUnlock
SetFilePointer
GetModuleFileNameA
GetSystemInfo
HeapFree
TlsFree
GetCurrentThread
GetTickCount
GetLocaleInfoW
IsValidCodePage
GetEnvironmentVariableA
GetModuleHandleA
GetStartupInfoA
IsBadWritePtr
LeaveCriticalSection
GetStdHandle
HeapCreate
GetDateFormatA
CreateMutexA
FreeEnvironmentStringsW
VirtualProtect
DeleteCriticalSection

user32

OpenInputDesktop
CreateMDIWindowW
ClipCursor
ToAsciiEx
ExcludeUpdateRgn
CharLowerW
PackDDElParam
GetQueueStatus
GetWindowDC
GetMenuInfo
LoadImageW
IntersectRect
RegisterClassA
DrawMenuBar
GetWindowTextLengthW
CloseWindow
GetDlgItemTextW
SetRect
CountClipboardFormats
DialogBoxIndirectParamA
LoadBitmapA
ExitWindowsEx
RegisterClassExA
IsIconic
FindWindowExW
ShowWindow

comctl32

InitCommonControlsEx

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

406981a27a124541f3d73effa4dcb0e7

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 8KB - Virtual size: 35KB

.data Size: 205KB - Virtual size: 205KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 8KB - Virtual size: 35KB

.data
Size: 205KB - Virtual size: 205KB

.rsrc
Size: 12KB - Virtual size: 11KB