1b70116c72def0f83a62ff4461fd3664_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b70116c72def0f83a62ff4461fd3664_JaffaCakes118
Size

509KB
MD5

1b70116c72def0f83a62ff4461fd3664
SHA1

c79cd1e4f3b6053735a0bdbd458580dda63a84e5
SHA256

634087922788203317a44754940d6e598cc7cef938708d1916cbc279036d6d25
SHA512

56c5a0019079c83ce9da460e7e1a5c4ba451c4f357710b42a24b7a528933cc8fc52f0e782e65a42f812a2dceda230a0a0d199d5229e1ec0a6b714b6f5c1c8fa8
SSDEEP

6144:CGU6DUItRHWDBZUBr3iG7Atj8rTrZ3C6sxGeDUIlQlvw9rHzY0fRd+mhr+BguWGr:PcZ78NCj8930WlvYrHUKRdCH3h0Sj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b70116c72def0f83a62ff4461fd3664_JaffaCakes118

Files

1b70116c72def0f83a62ff4461fd3664_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8821d6d7759b6c5269a9b96275c41f7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
DdeSetQualityOfService
AnimateWindow
DialogBoxParamA
MonitorFromWindow
GetCaretBlinkTime
SystemParametersInfoW
EnableWindow
SystemParametersInfoA
RegisterClassExA
MapVirtualKeyExW
MessageBoxExW
SetWindowsHookExW
GetNextDlgGroupItem

kernel32

GetNumberFormatW
HeapFree
GetOEMCP
LeaveCriticalSection
ReadFile
CreateMutexA
TlsAlloc
SetStdHandle
UnhandledExceptionFilter
GetModuleHandleA
GetAtomNameW
SetLastError
GetCurrentThreadId
HeapSize
GetLastError
LocalCompact
GetStdHandle
GetEnvironmentVariableW
FreeEnvironmentStringsW
TerminateProcess
IsValidLocale
GetStartupInfoA
HeapAlloc
WideCharToMultiByte
VirtualAlloc
RaiseException
MultiByteToWideChar
VirtualUnlock
HeapReAlloc
GetEnvironmentStrings
SetHandleCount
IsValidCodePage
TlsSetValue
LCMapStringA
GetThreadLocale
CompareStringA
CloseHandle
HeapCreate
CompareStringW
ExitProcess
IsBadWritePtr
SetFilePointer
SetEnvironmentVariableA
GetCurrentProcessId
GetTimeZoneInformation
GetTickCount
CreateMutexW
FlushFileBuffers
RtlUnwind
VirtualFree
GetModuleFileNameA
OpenMutexA
GetProcAddress
GetCPInfo
CreateDirectoryExA
InterlockedExchange
CreateEventA
OpenEventA
GetStringTypeW
GlobalUnfix
FindFirstFileA
GetFileType
QueryPerformanceCounter
GetACP
GetSystemTimeAsFileTime
Sleep
GetCommandLineA
EnumSystemLocalesA
GetTimeFormatA
TlsFree
WriteFile
GetUserDefaultLCID
LoadLibraryA
EnterCriticalSection
GetCurrentProcess
SetConsoleMode
VirtualQuery
GetCurrentThread
GetDateFormatA
GetStringTypeA
FreeEnvironmentStringsA
GetLocaleInfoA
DeleteCriticalSection
TlsGetValue
GetVersionExA
GetLocaleInfoW
LCMapStringW
InitializeCriticalSection
DeleteFileA
MapViewOfFile
GetEnvironmentStringsW
WriteConsoleW
GetSystemInfo
VirtualProtect
HeapDestroy
ReadConsoleInputW
GetComputerNameA

comctl32

InitCommonControlsEx

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8821d6d7759b6c5269a9b96275c41f7e

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 8KB - Virtual size: 22KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 8KB - Virtual size: 22KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 6KB - Virtual size: 5KB