238e9c0dcfee555a07b77b520bd8ba95_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

238e9c0dcfee555a07b77b520bd8ba95_JaffaCakes118
Size

441KB
MD5

238e9c0dcfee555a07b77b520bd8ba95
SHA1

de76772487b67b3ed7cccb4fbbb926f682909b29
SHA256

930e48427976be83b7852a4252fb54002b2b4ed6b6914ca27dba71085e0562e2
SHA512

b1c6a4ef4120e79e7216241ed5fb4e755646615ddf3944379e1f7bd22ad2fcce7cc61f22b4b4e9676e904a2fd447413c92345ca33be14aeeed73b5f7d40e99e1
SSDEEP

6144:lwybQr4H/1X9hwHcesR0cSmm8lTQ8rs17py8lEg3Is+9V/bDgvN:lNsr69hHLSmm8dwJpy8I7/wvN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
238e9c0dcfee555a07b77b520bd8ba95_JaffaCakes118

Files

238e9c0dcfee555a07b77b520bd8ba95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d3fe80883287da9c7a7a1bbad94cd68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
FindTextA
GetSaveFileNameW

shell32

SHGetSpecialFolderPathW
SHFileOperation

user32

CheckRadioButton
RegisterClassExA
MapVirtualKeyExW
SetPropA
RegisterClassA
InsertMenuA
EnumDisplayDevicesW
WinHelpW
SetWindowsHookExW
DdeQueryConvInfo
CallNextHookEx

comctl32

InitCommonControlsEx

kernel32

SetLastError
LoadLibraryA
GetCurrentProcessId
GetTimeZoneInformation
GetCurrentProcess
CloseHandle
WriteFile
GetStdHandle
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA
TerminateProcess
DeleteCriticalSection
MultiByteToWideChar
SetEnvironmentVariableA
GetProcAddress
RtlUnwind
InterlockedIncrement
FlushFileBuffers
VirtualFree
GetFileType
GetStartupInfoW
GetCPInfo
GetFileAttributesW
ExitProcess
GetEnvironmentStrings
GetLastError
HeapReAlloc
LeaveCriticalSection
InitializeCriticalSection
GetLocalTime
GetCommandLineW
LCMapStringW
GetEnvironmentStringsW
SetWaitableTimer
GetSystemTimeAsFileTime
TlsSetValue
HeapCreate
CreateDirectoryW
InterlockedDecrement
QueryPerformanceCounter
VirtualQuery
GetCurrentThreadId
GetModuleFileNameA
GetSystemTime
FreeEnvironmentStringsA
GetStringTypeA
VirtualAlloc
ContinueDebugEvent
GetVersion
IsBadWritePtr
CompareStringA
GetModuleHandleA
OpenMutexA
GetCurrentThread
LCMapStringA
SetStdHandle
HeapAlloc
TlsAlloc
SetFilePointer
CompareStringW
ReadFile
HeapDestroy
SetHandleCount
GetModuleFileNameW
TlsGetValue
EnterCriticalSection
InterlockedExchangeAdd
TlsFree
GetCommandLineA
InterlockedExchange
HeapFree
lstrcpyA
GetTickCount
CreateMutexA

Sections

.text
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d3fe80883287da9c7a7a1bbad94cd68

Headers

File Characteristics

Imports

comdlg32

shell32

user32

comctl32

kernel32

Sections

.text Size: 252KB - Virtual size: 252KB

.rdata Size: 4KB - Virtual size: 27KB

.data Size: 176KB - Virtual size: 175KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 252KB - Virtual size: 252KB

.rdata
Size: 4KB - Virtual size: 27KB

.data
Size: 176KB - Virtual size: 175KB

.rsrc
Size: 7KB - Virtual size: 7KB