28842835a504343dbdf0dec8af25a15e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28842835a504343dbdf0dec8af25a15e_JaffaCakes118
Size

577KB
MD5

28842835a504343dbdf0dec8af25a15e
SHA1

a5fbd4075e79783d1803403d719c7d3ef5c9f9aa
SHA256

61f2d526d13a9d9c73d1651b88c7a2bd6946a18491640f8ddf38d76b9cdd77e6
SHA512

c741b7f28a11cf9bf4013355c187dff2c74dfe6525b8f1842bc09b85cc66ba0a6f5126b90113e4876d711e0b0258374cc15d4ab9313d4b1208b25f56214ddf11
SSDEEP

12288:33jc7VK7MBE2fx0hsBh1AqqCBIOmpqH+PoKTLkyL4uhn:HQpLf6+j7BIOmpA2fgu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28842835a504343dbdf0dec8af25a15e_JaffaCakes118

Files

28842835a504343dbdf0dec8af25a15e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4ca989ecd6000087b64743ec41ec60f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClientToScreen
GetKeyboardLayout
GetScrollRange
RegisterClassExA
SetUserObjectInformationW
RegisterClassA

kernel32

GetProcessHeap
TlsAlloc
QueryPerformanceCounter
LCMapStringW
GetCommandLineW
LeaveCriticalSection
GetStartupInfoW
GetEnvironmentStrings
HeapValidate
VirtualQuery
CompareStringW
FindNextFileW
GetLastError
GetAtomNameA
GetStringTypeW
GetLocaleInfoA
WriteFile
GetCPInfo
EnumResourceTypesA
Sleep
WriteConsoleW
GetLocaleInfoW
GetStdHandle
DeleteCriticalSection
ReleaseMutex
InterlockedDecrement
MultiByteToWideChar
SetFilePointer
InterlockedIncrement
SetEnvironmentVariableA
IsDebuggerPresent
FlushFileBuffers
GetDateFormatA
GetExitCodeThread
IsValidLocale
GetStringTypeA
GetFileType
TlsSetValue
GetCurrentProcess
TlsGetValue
DebugActiveProcess
HeapDestroy
IsValidCodePage
ExitProcess
FreeEnvironmentStringsA
UnhandledExceptionFilter
lstrlen
GetModuleHandleA
HeapReAlloc
EnterCriticalSection
GetEnvironmentStringsW
PulseEvent
WideCharToMultiByte
InitializeCriticalSection
SetConsoleScreenBufferSize
VirtualAlloc
HeapCreate
GetTickCount
GetConsoleCP
OpenMutexA
RtlUnwind
CreateFileA
FreeEnvironmentStringsW
TerminateProcess
WritePrivateProfileStructA
SetHandleCount
GetOEMCP
GetTimeFormatA
WriteConsoleOutputW
GetCurrentProcessId
SetStdHandle
GetACP
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCommandLineA
VirtualFree
SetLastError
FindFirstFileExW
TryEnterCriticalSection
GetModuleFileNameA
GetConsoleOutputCP
FreeLibrary
GetVersionExA
GetCurrentThread
EnumSystemLocalesA
GetConsoleMode
ReleaseSemaphore
GetPrivateProfileSectionA
GetUserDefaultLCID
GetModuleFileNameW
CompareStringA
WriteConsoleA
SetUnhandledExceptionFilter
TlsFree
HeapFree
LoadLibraryA
InterlockedExchange
CreateMutexA
GetStartupInfoA
HeapSize
SetComputerNameA
HeapAlloc
ReadFile
GetCurrentThreadId
CloseHandle
LCMapStringA
SetConsoleCtrlHandler
GetProcAddress

comctl32

InitCommonControlsEx

comdlg32

ReplaceTextW
ReplaceTextA
PageSetupDlgW

Sections

.text
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4ca989ecd6000087b64743ec41ec60f

Headers

File Characteristics

Imports

user32

kernel32

comctl32

comdlg32

Sections

.text Size: 199KB - Virtual size: 199KB

.rdata Size: 9KB - Virtual size: 20KB

.data Size: 360KB - Virtual size: 359KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 199KB - Virtual size: 199KB

.rdata
Size: 9KB - Virtual size: 20KB

.data
Size: 360KB - Virtual size: 359KB

.rsrc
Size: 7KB - Virtual size: 7KB