1c88cea432bf02df03dc0701d40a6884_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c88cea432bf02df03dc0701d40a6884_JaffaCakes118
Size

412KB
MD5

1c88cea432bf02df03dc0701d40a6884
SHA1

4075b19e104d2d3b10a71d375e95ea561b355e0f
SHA256

681aa9eb4fe17b5757d26abbce2ef6512b10a782e703e458a59d20cbc324182e
SHA512

82d37a833b92dd116b4fccc58d9cb2eef414c24a267e0a074a3a98b60371e35452c53ddef6c928fc3811cade8d12c588f16e7e44778086c9b6d81f2322d4ca80
SSDEEP

12288:7x28KYVK203TtnHSYv1o6BGnFCtTjvd90eWjx:F28KEKtnHSpbn0tfvd97Wjx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c88cea432bf02df03dc0701d40a6884_JaffaCakes118

Files

1c88cea432bf02df03dc0701d40a6884_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8fa985d32da795ea8272f8c20cc7ba1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject
DeleteDC
SelectObject
SetBkColor
SetBkMode
GetDeviceCaps
SetTextColor

advapi32

OpenProcessToken
GetTokenInformation
RegQueryValueExA

ole32

CoUninitialize
OleInitialize
CoTaskMemFree
OleUninitialize

kernel32

ExitProcess
GetProcessHeap
FlushFileBuffers
GetEnvironmentVariableA
HeapDestroy
CreateProcessA
TerminateProcess
LeaveCriticalSection
GetCommandLineW
DeleteFileW
GetProcAddress
Sleep
SetUnhandledExceptionFilter
InterlockedDecrement
GetSystemInfo
QueryPerformanceCounter
ResetEvent
UnmapViewOfFile
TlsFree
VirtualFree
SetEndOfFile
DeleteCriticalSection
LocalAlloc
GetStartupInfoA
InitializeCriticalSection
InterlockedIncrement
IsValidCodePage
CloseHandle
SetStdHandle
SetEvent
GetStringTypeA
CreateDirectoryA
GetCPInfo
GetCommandLineA
HeapFree
VirtualAlloc
GetStdHandle
FreeEnvironmentStringsA
FindClose
CreateThread
MapViewOfFile
FreeLibrary
WriteFile
CreateMutexA
GetConsoleMode
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
WriteConsoleW
TlsGetValue
FindFirstFileA
TlsSetValue
GlobalLock
GlobalAlloc
RaiseException
SizeofResource
GetFileAttributesA
LockResource
LoadResource
GetModuleHandleW
SetLastError
GetTempPathA
TlsAlloc
HeapReAlloc
HeapAlloc
SetFilePointer
CreateFileMappingA
GetConsoleOutputCP
SetHandleCount
GetConsoleCP
GetACP
LCMapStringW
CompareStringW
LCMapStringA
MultiByteToWideChar
FormatMessageW
GetOEMCP
GetVersion
InterlockedCompareExchange
InterlockedExchange
UnhandledExceptionFilter
LoadLibraryA
GetVersionExA
WideCharToMultiByte
lstrlenA
GetLocaleInfoA
lstrcmpiA
GetThreadLocale
GetFileType
CreateFileA
GetDriveTypeA
FormatMessageA
GetCurrentProcessId
GetLastError
GetModuleFileNameA
GetTickCount
GetModuleHandleA
lstrlenW
ReadFile
WaitForSingleObject
GetCurrentThreadId
GetCurrentProcess
HeapCreate
HeapSize
VirtualQuery

user32

GetSubMenu
GetParent
SetCapture
ShowWindow
GetSysColor
SetWindowPos
InvalidateRect
SetCursor
DefWindowProcA
SetWindowTextA
GetWindowRect
DispatchMessageA
PostQuitMessage
EndPaint
LoadBitmapA
UpdateWindow
GetWindowLongA
GetSystemMetrics
ReleaseDC
LoadIconA
GetClientRect
IsIconic
FillRect
EndDialog
IsWindow
ScreenToClient
GetDlgItem
PeekMessageA
GetDesktopWindow
MessageBoxA
GetFocus

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8fa985d32da795ea8272f8c20cc7ba1

Headers

File Characteristics

Imports

gdi32

advapi32

ole32

kernel32

user32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 359KB - Virtual size: 359KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 359KB - Virtual size: 359KB

.rsrc
Size: 5KB - Virtual size: 4KB