28807c8a282a213adc4bb62688542ceb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28807c8a282a213adc4bb62688542ceb_JaffaCakes118
Size

383KB
MD5

28807c8a282a213adc4bb62688542ceb
SHA1

4a034f9d79a8c88fd87fe923cbb92d61c31dc10e
SHA256

124175ddd914e5865f34b56e06943bacc87f68eb79ab599cce271d73f996a9d2
SHA512

86ce3e1eac1a7070e68025331468628f085c4722528782ae7461aa76f8180d217562f2e4197844f643b34225ac36f345efcc9d36c6e0d381861bf3839670af68
SSDEEP

6144:uv9s6Oi2kbEPOA4IIKqBqUEHEbEeaAUVGsI9j14yfaYMSxgF:uv21QRbjarVXIRfa9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28807c8a282a213adc4bb62688542ceb_JaffaCakes118

Files

28807c8a282a213adc4bb62688542ceb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15e7b273ab64cb76ad4acbc3c9b3527d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
SetFilePointer
CloseHandle
GlobalCompact
GetCalendarInfoW
InterlockedExchange
GetCurrentProcess
IsBadWritePtr
HeapFree
GetTimeFormatA
GetSystemInfo
LCMapStringW
SetEnvironmentVariableA
TlsGetValue
UnhandledExceptionFilter
GetCommandLineA
GetStringTypeW
lstrcat
OpenMutexA
WaitNamedPipeW
GetModuleHandleA
CreateFileA
GetStartupInfoA
SetLastError
EnumCalendarInfoW
VirtualQuery
WriteFile
VirtualFree
GetDateFormatA
LCMapStringA
GetStdHandle
GetCurrentThread
GetLastError
HeapAlloc
VirtualAlloc
GetCPInfo
EnumSystemLocalesA
DeleteCriticalSection
HeapSize
GetVersionExW
GetModuleFileNameA
GetTimeZoneInformation
GetLocaleInfoW
EnterCriticalSection
HeapCreate
GetACP
GetCurrentProcessId
CompareStringA
GetConsoleCursorInfo
TlsFree
HeapDestroy
IsValidLocale
FreeEnvironmentStringsW
OpenWaitableTimerA
GetSystemTimeAsFileTime
GetFileType
IsValidCodePage
GetVersionExA
CompareStringW
LeaveCriticalSection
GlobalFlags
LoadLibraryA
MapViewOfFileEx
ExitProcess
QueryPerformanceCounter
GetTickCount
GetUserDefaultLCID
TlsAlloc
MoveFileW
GetEnvironmentStringsW
GetProcAddress
LocalHandle
SetConsoleCursorPosition
GetEnvironmentStrings
SetStdHandle
SetLocaleInfoW
GetLocaleInfoA
SetHandleCount
GetStringTypeA
FlushFileBuffers
lstrcpyA
FreeEnvironmentStringsA
TerminateProcess
InitializeCriticalSection
HeapReAlloc
TlsSetValue
GetOEMCP
RtlUnwind
CreateMutexA
SetConsoleCtrlHandler
ReadFile
MultiByteToWideChar
VirtualProtect
WideCharToMultiByte

user32

RegisterClassA
DefWindowProcA
SetCaretPos
LookupIconIdFromDirectory
ActivateKeyboardLayout
IsZoomed
ShowWindow
CreateWindowExA
DestroyWindow
RegisterClassExA
MessageBoxW

comctl32

CreatePropertySheetPage
ImageList_EndDrag
ImageList_AddMasked
InitCommonControlsEx

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15e7b273ab64cb76ad4acbc3c9b3527d

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 132KB - Virtual size: 132KB

.rdata Size: 77KB - Virtual size: 101KB

.data Size: 95KB - Virtual size: 94KB

.rsrc Size: 77KB - Virtual size: 77KB

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 77KB - Virtual size: 101KB

.data
Size: 95KB - Virtual size: 94KB

.rsrc
Size: 77KB - Virtual size: 77KB