23f40f1aa782ede1d1b263f054e8d06b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23f40f1aa782ede1d1b263f054e8d06b_JaffaCakes118
Size

316KB
MD5

23f40f1aa782ede1d1b263f054e8d06b
SHA1

75b00ff9d6b564081e24cfd3bd3c4800f243553d
SHA256

34b03cfac305b49452115c0b4f51a1e2adc7f668dd038055d915b4f49af48bf5
SHA512

ef15969314b778e75782783b176c6cb85f4554fda688fff45721a923686b7d1f97d9f7d125d4c1ff32f9809deef92f240fd44c2601cb22ef2c88be024930d33c
SSDEEP

6144:wnrHb2kkWoiSBgngPOQFEBdjBib/wtN3CbnPiPMymtg8agG777n8a:yHapJdb2QOjBibImqPjmtgiG73r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23f40f1aa782ede1d1b263f054e8d06b_JaffaCakes118

Files

23f40f1aa782ede1d1b263f054e8d06b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77d7de1f3061f63e790e5b497c0f2277

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetTickCount
GetFullPathNameW
AllocConsole
OutputDebugStringA
GetSystemTimeAdjustment
MapViewOfFileEx
CompareStringA
ReadConsoleOutputW
VirtualFree
FlushFileBuffers
CloseHandle
CreateFileMappingW
GetTimeZoneInformation
CreateConsoleScreenBuffer
FatalAppExitA
SetHandleCount
GetVersionExA
GetFileAttributesExA
QueueUserAPC
LockResource
RemoveDirectoryW
CompareStringW
GetProfileIntA
LoadLibraryA
OpenMutexW
InterlockedExchangeAdd
GetPrivateProfileIntA
FillConsoleOutputCharacterW
ExitProcess
VirtualProtect
GetPrivateProfileSectionW
GetLongPathNameA
IsDBCSLeadByte
SetTimeZoneInformation
_hread
GlobalCompact
GetPrivateProfileStringW
GetWindowsDirectoryA
GetPrivateProfileStringA
GetCommandLineA
GetCurrentDirectoryW

gdi32

ExtSelectClipRgn
GetClipRgn
SetGraphicsMode
GdiFlush
RectInRegion
ExtTextOutW
GetBkMode
SetPixelFormat
EndDoc
GetTextFaceA
CreateEllipticRgn
PtInRegion
ExtEscape
SetRectRgn
OffsetRgn
SetDIBColorTable

comdlg32

ChooseFontW
ChooseColorA
GetOpenFileNameA

advapi32

AllocateAndInitializeSid
CloseEventLog
CryptGetUserKey
SetServiceObjectSecurity
OpenEventLogW
GetLengthSid

shell32

SHBrowseForFolderA
ExtractIconExA
SHGetPathFromIDListA
ShellExecuteW
ShellExecuteExA
SHGetSpecialFolderPathW

ole32

CoFreeUnusedLibraries
CoDisconnectObject
StgOpenStorageEx
PropVariantCopy
CoCreateFreeThreadedMarshaler
CoGetInterfaceAndReleaseStream
OleRegEnumVerbs
OleCreateLink
CoUninitialize

oleaut32

VariantClear
LoadTypeLi
SafeArrayGetUBound
SysAllocString
SafeArrayCreateVector
SysFreeString
SafeArrayGetLBound
SysAllocStringLen
SafeArrayPutElement
RegisterTypeLi

shlwapi

PathCanonicalizeA
StrToIntExW

setupapi

SetupDiGetDeviceInstanceIdW
SetupFindFirstLineW
SetupCommitFileQueueA
SetupDiGetDeviceRegistryPropertyA
SetupScanFileQueueW
SetupDiGetINFClassA

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

77d7de1f3061f63e790e5b497c0f2277

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 296KB - Virtual size: 294KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 8KB

.text
Size: 296KB - Virtual size: 294KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 8KB