2621214b852976ef9ff860262865bc6d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2621214b852976ef9ff860262865bc6d_JaffaCakes118
Size

308KB
MD5

2621214b852976ef9ff860262865bc6d
SHA1

4a813a7e91450948723278c7356ef45946f01148
SHA256

316e3c558e27dbf5329297cd408c6969940b9218d6f3b85123f3050fa02518e1
SHA512

967202e88cfe6dc6bbf920b937763d76a6b2bd255deb7811613b2b34c7d08c666e24d7faeb640a05dae0f2f1bc349004a4512a7000bc0f82da68db675af6b9e6
SSDEEP

6144:AoH23UNEmdJwtUpk+506rS+oNgxdTAFCkjn3SFJybxeuaMFGor:1aAtvWmqCkr3SP0euamGo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2621214b852976ef9ff860262865bc6d_JaffaCakes118

Files

2621214b852976ef9ff860262865bc6d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d50ddac8d9dfb67355fd03a4569d46c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
LeaveCriticalSection
MultiByteToWideChar
TlsSetValue
GetStartupInfoA
GetCurrentProcess
GetCurrentProcessId
GetStringTypeA
GetSystemInfo
FindNextChangeNotification
GetVersionExA
TryEnterCriticalSection
TerminateProcess
SetHandleCount
HeapAlloc
GetStringTypeW
CompareStringA
GetCurrentThreadId
GetTickCount
LoadLibraryA
GetStringTypeExA
GetModuleHandleA
GetUserDefaultLCID
VirtualProtect
OpenFileMappingW
WideCharToMultiByte
GetLocaleInfoA
HeapSize
UnhandledExceptionFilter
HeapFree
GetDateFormatA
OpenMutexA
RtlUnwind
GetLastError
SetFilePointer
FreeEnvironmentStringsA
GetCommandLineA
GetACP
PulseEvent
CreateMutexA
GetStdHandle
EnumSystemLocalesA
GetTimeFormatA
WriteFile
GetOEMCP
FlushFileBuffers
SetLastError
AllocConsole
VirtualFree
InterlockedExchange
LCMapStringA
CompareStringW
GetCurrentThread
SetConsoleMode
TlsFree
SetStdHandle
CreateDirectoryExA
IsValidLocale
HeapCreate
TlsGetValue
lstrcpynW
ResumeThread
ExitProcess
GetLocaleInfoW
FreeEnvironmentStringsW
GetProcAddress
FlushConsoleInputBuffer
WriteFileEx
GetCPInfo
VirtualAlloc
GetTimeZoneInformation
VirtualQuery
CloseHandle
GetModuleFileNameA
GetSystemTimeAsFileTime
ReadFile
GetEnvironmentStringsW
IsValidCodePage
IsBadWritePtr
EnterCriticalSection
DeleteCriticalSection
SetEnvironmentVariableA
QueryPerformanceCounter
TlsAlloc
GlobalAlloc
HeapReAlloc
FindResourceExW
InitializeCriticalSection
GetFileType
GetNumberFormatA
GetEnvironmentStrings
LCMapStringW

comctl32

InitCommonControlsEx

user32

SetWinEventHook
GetClipCursor
SendMessageTimeoutW
EnableScrollBar
HideCaret
GetCapture
RegisterWindowMessageA
CharToOemW
GetSysColor
EmptyClipboard
CharToOemA
GetMenuContextHelpId
RegisterClassA
RegisterClassW
DrawTextW
ChangeClipboardChain
TabbedTextOutW
RegisterClassExA

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d50ddac8d9dfb67355fd03a4569d46c

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 8KB - Virtual size: 33KB

.data Size: 145KB - Virtual size: 145KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 8KB - Virtual size: 33KB

.data
Size: 145KB - Virtual size: 145KB

.rsrc
Size: 5KB - Virtual size: 4KB