284a9cb7f41b95eb92edb306f235f524_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

284a9cb7f41b95eb92edb306f235f524_JaffaCakes118
Size

192KB
MD5

284a9cb7f41b95eb92edb306f235f524
SHA1

6949a20f6736601a96b74e2c556bf0920267cb94
SHA256

8782fbddbcc69287fe0b0316bec126c8d7fc742bd3c9fd1869fe9ef2a3215647
SHA512

7625c08d89a03de3bef56a82ff0544d595754c5dc4c087a0eabaeb7613e6ca7491e376c19b9f752275bb0e288539ec4cc71f36bc1762bab5c7b746dd0448764c
SSDEEP

3072:4jx/TpQoQkFBkXclKEBKASAdytnlRfBODfoOS9fz/xiRHzm2BFqm+:UNpQoQkFaXcRKUdyFuwOIfz/xiBm2BFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
284a9cb7f41b95eb92edb306f235f524_JaffaCakes118

Files

284a9cb7f41b95eb92edb306f235f524_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a28f91e177230edfbe027d83de6117d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
CreateMutexW
ReleaseMutex
GetTimeFormatA
InterlockedExchange
GetVolumeInformationW
SetLastError
ExitProcess
GetCurrentProcessId
GetFileTime
GetDiskFreeSpaceW
FindCloseChangeNotification
FindFirstChangeNotificationW
SetEvent
WaitForSingleObject
GetCurrentProcess
GetTempPathW
LoadLibraryW
GetFileAttributesW
SetFileAttributesA
GetCurrentThreadId
GetCommandLineA
GetModuleHandleA
GetProfileStringW
GetModuleFileNameA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
RtlUnwind
HeapReAlloc
VirtualAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
HeapFree
VirtualFree
GetSystemInfo
HeapCreate
HeapDestroy
DuplicateHandle
SetErrorMode
SetUnhandledExceptionFilter
WinExec
GetEnvironmentVariableW
GetExitCodeProcess
PeekNamedPipe
CreatePipe
TerminateProcess
GetVersionExW
VirtualProtect
GetCurrentThread
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetStartupInfoA
GetVersionExA
GetProcAddress
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

GetSysColorBrush
ScreenToClient
GetWindowTextLengthA
SystemParametersInfoA
RegisterHotKey
CheckMenuRadioItem
CheckDlgButton
EnumWindows
IsDialogMessageA
CallNextHookEx
SendMessageA
TrackPopupMenu
GetCursorPos
RegisterClassExA
GetClassInfoExA
SetWindowTextA
GetActiveWindow
AppendMenuA
CallWindowProcA
GetWindowLongA
IsWindowEnabled
GetClassNameA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos

gdi32

SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
DPtoLP
CreateDCA
GetObjectA
CreatePen
DeleteObject
DeleteDC
SetMapMode
OffsetViewportOrgEx

ws2_32

WSAWaitForMultipleEvents
WSAAddressToStringA
WSACleanup
WSAStartup
WSAEnumNetworkEvents

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a28f91e177230edfbe027d83de6117d3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

Sections

.text Size: 104KB - Virtual size: 103KB

.data Size: 85KB - Virtual size: 99KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 103KB

.data
Size: 85KB - Virtual size: 99KB

.rsrc
Size: 1KB - Virtual size: 1KB