1beaa0b1d4b1450262a73e5f07c50f28_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1beaa0b1d4b1450262a73e5f07c50f28_JaffaCakes118
Size

524KB
MD5

1beaa0b1d4b1450262a73e5f07c50f28
SHA1

2d4a9620ed05d1f186227ecaf6feab9d96a02f2b
SHA256

e9d1ec88af235b5a0289e9296733b46e3351fcfde4646884737d1b0314495a6c
SHA512

86b445ec679cde03d06b16387671010fb2796c97d59b1f88a4f49e94e9acfddcc44e9c32b48ec870d9b8c1798142463503e5f833ae404b2b057e7d9f9c6d3384
SSDEEP

12288:WyQqRnukev0z31fTJf5Pnk3p4ebeQqq/hK0ifiSf5Um2SZ:z9uk331fFflX+N/Uflf5Umj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1beaa0b1d4b1450262a73e5f07c50f28_JaffaCakes118

Files

1beaa0b1d4b1450262a73e5f07c50f28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2572346cb0815f4b8bec3a062aa5b9e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

OpenMutexA
DebugBreak
TerminateProcess
HeapAlloc
SetEnvironmentVariableW
GetACP
GetCurrentProcess
GetLocaleInfoW
GetStartupInfoA
ExitProcess
HeapReAlloc
WriteConsoleW
GetStdHandle
GlobalDeleteAtom
GetThreadLocale
WideCharToMultiByte
HeapCreate
VirtualAlloc
GetProfileStringW
FreeEnvironmentStringsA
GetVersionExA
IsDebuggerPresent
GetOEMCP
GetPrivateProfileStringW
SetHandleCount
VirtualFree
LoadLibraryA
GetFileType
CompareFileTime
LocalSize
CreateFileA
GetUserDefaultLCID
CreateNamedPipeW
GetConsoleOutputCP
GetCurrentThreadId
WaitNamedPipeW
HeapSize
CreateMutexA
LCMapStringW
GetStringTypeW
TlsAlloc
GetProcessHeap
QueryPerformanceCounter
GetConsoleCP
TlsGetValue
SetConsoleCP
TlsFree
UnhandledExceptionFilter
GetModuleFileNameA
LeaveCriticalSection
ReadFile
SetEnvironmentVariableA
EnterCriticalSection
GetDateFormatA
VirtualQuery
CompareStringA
InterlockedDecrement
SetThreadPriority
WriteConsoleA
InitializeCriticalSection
InterlockedIncrement
DeleteCriticalSection
SetStdHandle
GetCommandLineA
TlsSetValue
GetLastError
FlushFileBuffers
MapViewOfFile
GetEnvironmentStrings
InterlockedExchange
Sleep
CloseHandle
HeapDestroy
GlobalUnfix
GetCurrentProcessId
GetModuleHandleA
FreeEnvironmentStringsW
WriteFile
EnumSystemLocalesA
GetCurrentThread
SetLastError
GetSystemDefaultLCID
GetSystemTimeAsFileTime
CompareStringW
GetConsoleMode
GetCPInfo
SetFilePointer
RtlUnwind
GetLocaleInfoA
MultiByteToWideChar
GetEnvironmentStringsW
IsValidCodePage
WriteProfileStringA
FreeLibrary
GetTimeZoneInformation
GetProcAddress
LCMapStringA
GetTickCount
GetStringTypeA
HeapFree
GetTimeFormatA
IsValidLocale
SetUnhandledExceptionFilter
SetConsoleCtrlHandler

gdi32

GetKerningPairsA
Polyline
EnumFontsA
EnumFontsW
CreateMetaFileW
CopyMetaFileA
FillRgn
AbortPath
GetMetaFileA
SetWorldTransform
GetDCOrgEx
SetBitmapDimensionEx
SetPaletteEntries
CreateICA
GdiPlayJournal
InvertRgn
GetClipBox

user32

RegisterClassExA
GetKeyboardLayoutNameW
RegisterClassA
DrawStateA

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2572346cb0815f4b8bec3a062aa5b9e8

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

user32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 10KB - Virtual size: 16KB

.data Size: 356KB - Virtual size: 355KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 10KB - Virtual size: 16KB

.data
Size: 356KB - Virtual size: 355KB

.rsrc
Size: 3KB - Virtual size: 2KB