Static task: static1
Behavioral task: behavioral1
Sample: 1b8ea6a2d10a1a95d5ded251766dc428_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 1b8ea6a2d10a1a95d5ded251766dc428_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 1b8ea6a2d10a1a95d5ded251766dc428_JaffaCakes118
Size: 208KB
MD5: 1b8ea6a2d10a1a95d5ded251766dc428
SHA1: 16bb0bfd1a9e395de9566fd1f2b4fe8a905870ce
SHA256: 55d2a664553fc32f49867dc5afbed00c8ba47cb73ad579f0f8f83cc645e7d803
SHA512: 8db23dc3780c0a40a2ae8e948f8bbef4856406b37fdea474f2ce99f5ec07144bdde8ca827f5adc4d502c8c2874eb49ed90cb31df3a7fd1794c77532a1927e7d0
SSDEEP: 3072:tmISF9eKMc7CBpOM3P1GaJJnaAqTI9Dfee5Yuz1iRIEqf0u0hzUPvmjrhcK4Uk5h:kX9eKV+wMdfqT2DB2W+Hrcv8+K4l5lj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1b8ea6a2d10a1a95d5ded251766dc428_JaffaCakes118
Files
1b8ea6a2d10a1a95d5ded251766dc428_JaffaCakes118.exe windows:1 windows x86 arch:x86
6f291d70beedea000366ec04a6b0f8c5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
OpenEventA
CreateFileA
LeaveCriticalSection
SetEvent
lstrcmpA
FindResourceA
GetCurrentThreadId
GetStringTypeA
RaiseException
DeleteCriticalSection
OpenProcess
GetProcessAffinityMask
FreeLibrary
DeviceIoControl
LoadResource
lstrcpyA
Module32Next
GetStartupInfoA
HeapFree
GetTickCount
GetConsoleOutputCP
GetTimeFormatA
TlsSetValue
WriteFile
VirtualFree
FileTimeToSystemTime
LoadLibraryA
InterlockedExchange
GlobalUnlock
GetCurrentProcess
CreateFileMappingA
CreateToolhelp32Snapshot
RtlUnwind
PulseEvent
SetErrorMode
GetStdHandle
GlobalReAlloc
GetSystemInfo
IsBadStringPtrA
CloseHandle
EnterCriticalSection
user32
SendMessageA
PostMessageA
KillTimer
SetClassLongA
CopyRect
DeleteMenu
PtInRect
TrackPopupMenu
CreateIconIndirect
FindWindowExA
GetWindowRect
CreateMenu
SetCursor
SendMessageTimeoutA
GetCursorPos
BeginDeferWindowPos
DefWindowProcA
MsgWaitForMultipleObjects
ClientToScreen
LoadAcceleratorsA
DialogBoxIndirectParamA
CloseClipboard
GetWindowTextA
EmptyClipboard
InvalidateRgn
DefFrameProcA
AppendMenuA
ChildWindowFromPoint
GetCapture
OpenClipboard
IsWindowVisible
GetUserObjectSecurity
EnumChildWindows
DrawFrameControl
SetWindowPlacement
IsZoomed
IntersectRect
InvalidateRect
FindWindowA
SetWindowTextA
CheckMenuRadioItem
RedrawWindow
CreateDialogParamA
UpdateWindow
msvcrt
memcpy
__set_app_type
__setusermatherr
__p__fmode
_controlfp
_exit
_XcptFilter
_adjust_fdiv
_initterm
exit
__getmainargs
__p__commode
_acmdln
_except_handler3
Sections
.text Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 164B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ