20c42730a9dc0b2b50f328cff1c63e69_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

20c42730a9dc0b2b50f328cff1c63e69_JaffaCakes118
Size

549KB
MD5

20c42730a9dc0b2b50f328cff1c63e69
SHA1

1dcf422cad68138024890d157ca0ae2e05395270
SHA256

06a0055ed86c4c145cd9d9096725d8ba9b229f8b3e241bc539ec9b76f0723cbd
SHA512

e14d41c99e8245b57c0df7824c5b044ebc3d9c5495cccd895ba1512399b304be5836a60e470605ce8883b081a07bf08d9a66c2654efa6e5e9f7c5195fcc00dc2
SSDEEP

12288:1py11Aa8BNRDzvLpgekUY2edQnt90peAWKT0hgm6gf9sg:c13STDzvdge1YBetweAWKT0hP6g6g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20c42730a9dc0b2b50f328cff1c63e69_JaffaCakes118

Files

20c42730a9dc0b2b50f328cff1c63e69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cdab605934f4b7a45d72256b4296a39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

UnionRect
RegisterClassA
RegisterClassExA
IsRectEmpty
IsZoomed
GetCursor
DialogBoxIndirectParamA
GetSysColor
SetDebugErrorLevel
EnumChildWindows
CheckRadioButton
TranslateMDISysAccel
CharUpperBuffW
GetKeyState
MsgWaitForMultipleObjectsEx

kernel32

GetProcAddress
GetStringTypeA
VirtualFree
FreeLibrary
GetCurrentThreadId
TlsFree
SetHandleCount
LocalReAlloc
GetModuleFileNameA
GetCommandLineW
DeleteCriticalSection
SetUnhandledExceptionFilter
InterlockedDecrement
VirtualAlloc
GetCurrentProcessId
GetStdHandle
LCMapStringA
QueryPerformanceCounter
CompareStringA
FreeEnvironmentStringsA
GetCurrentThread
WriteConsoleW
GetEnvironmentStrings
SetLastError
EnumTimeFormatsA
SetEndOfFile
GetConsoleMode
GetCurrentProcess
LoadLibraryA
SetThreadPriority
GlobalUnfix
GetDateFormatA
RtlUnwind
HeapAlloc
EnterCriticalSection
WideCharToMultiByte
GetEnvironmentStringsW
GetOEMCP
HeapFree
GetConsoleCP
CreateFileA
GetModuleHandleA
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
CloseHandle
ReadFile
EnumSystemLocalesA
ExitProcess
UnhandledExceptionFilter
TerminateProcess
FlushFileBuffers
HeapReAlloc
GetLocaleInfoA
InterlockedIncrement
ExpandEnvironmentStringsW
Sleep
GetACP
IsValidCodePage
VirtualQuery
IsDebuggerPresent
LCMapStringW
GetTickCount
GetProcessHeap
GetStartupInfoW
WriteFile
InitializeCriticalSection
GetTimeZoneInformation
SetConsoleCtrlHandler
SetEnvironmentVariableA
WriteConsoleA
SetWaitableTimer
LeaveCriticalSection
IsValidLocale
GetCommandLineA
GetUserDefaultLCID
MultiByteToWideChar
GetTimeFormatA
OutputDebugStringW
GetLastError
HeapSize
GetStartupInfoA
TlsGetValue
CompareStringW
TlsAlloc
FindResourceW
GetCPInfo
ResetEvent
GetFileType
SetStdHandle
FreeEnvironmentStringsW
GetVersionExA
OpenMutexA
GetModuleFileNameW
SetFilePointer
InterlockedExchange
CreateMutexA
SetComputerNameW
GetStringTypeW
GetLocaleInfoW
TlsSetValue
EnumResourceLanguagesW
GetConsoleOutputCP

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cdab605934f4b7a45d72256b4296a39

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 217KB - Virtual size: 217KB

.rdata Size: 9KB - Virtual size: 17KB

.data Size: 317KB - Virtual size: 317KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 217KB - Virtual size: 217KB

.rdata
Size: 9KB - Virtual size: 17KB

.data
Size: 317KB - Virtual size: 317KB

.rsrc
Size: 4KB - Virtual size: 3KB