Static task: static1
Behavioral task: behavioral1
Sample: 1ac4fb7a9037fe498adea3282988d1bb_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 1ac4fb7a9037fe498adea3282988d1bb_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 1ac4fb7a9037fe498adea3282988d1bb_JaffaCakes118
Size: 158KB
MD5: 1ac4fb7a9037fe498adea3282988d1bb
SHA1: a3c8b12c60ec8b5a0f3e4c3a73374be29c4b89a3
SHA256: 96de32c8ca3f88217754a205fba66cd7ce29e7d45baf31935700e2be8f8b4fcf
SHA512: 21384451c08c96583cc3dc3d4996bb8386289756e608ee4955b5dc9436620836afda012344cbc9d9306ae6d95f25920c79ebd30393cb0e7b57209b5eb47eb43c
SSDEEP: 3072:Ks6yRtYkmmno4OXTCSSHaVNfvLfk2aEObnp4HJuS7zytNYygxFPaDCmcq:Ks6yj9vo9TtZxjk2Ul8JuS70bki+7q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1ac4fb7a9037fe498adea3282988d1bb_JaffaCakes118
Files
1ac4fb7a9037fe498adea3282988d1bb_JaffaCakes118.exe windows:5 windows x86 arch:x86
8425dfe2a7acdf512174cee4dfc31af4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MoveFileA
CopyFileA
HeapFree
DosDateTimeToFileTime
GetFileSize
GetSystemTimeAsFileTime
EnterCriticalSection
SetUnhandledExceptionFilter
GetCurrentThreadId
QueryDosDeviceA
CreateEventW
WriteFile
SetEnvironmentVariableA
DeleteFileA
DeviceIoControl
FormatMessageA
WideCharToMultiByte
GetSystemTime
CloseHandle
SetEndOfFile
GetUserDefaultLangID
GetProcessHeap
CreateThread
GetCurrentProcess
GetCurrentThreadId
GetDriveTypeA
VirtualQuery
OpenEventA
HeapAlloc
GetEnvironmentVariableA
WaitForMultipleObjects
GetCurrentDirectoryA
RemoveDirectoryA
LeaveCriticalSection
GetFileAttributesA
FindFirstFileA
FreeLibrary
CreateEventA
ReadFile
Sleep
GetProcAddress
QueryPerformanceCounter
GetModuleHandleA
FlushFileBuffers
SetFileAttributesA
SetEvent
GetDiskFreeSpaceA
FindNextFileA
GetVersionExA
SetLastError
CreateProcessA
ExitProcess
ExpandEnvironmentStringsA
GetCurrentProcessId
MoveFileA
GetSystemDirectoryA
InitializeCriticalSectionAndSpinCount
SystemTimeToFileTime
CreateFileA
SetErrorMode
GetCommandLineA
CreateDirectoryA
GetTickCount
SetComputerNameA
MoveFileExA
GetExitCodeProcess
GetLastError
TerminateProcess
FindClose
LocalFileTimeToFileTime
DeleteCriticalSection
SetFilePointer
GetModuleFileNameA
SetFileTime
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
user32
SendDlgItemMessageA
SetParent
SendMessageA
DialogBoxParamA
EndDialog
LoadStringA
MessageBoxA
ShowWindow
advapi32
InitiateSystemShutdownA
CryptGenRandom
GetTokenInformation
SetSecurityDescriptorDacl
OpenProcessToken
CryptAcquireContextA
AllocateAndInitializeSid
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
CryptReleaseContext
msvcrt
strstr
strchr
_snprintf
_strlwr
sprintf
_strnicmp
strrchr
_vsnprintf
_stricmp
strncpy
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gxmoj Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 139KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ