28e2a088ff08b0709c3ae393a41da2b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28e2a088ff08b0709c3ae393a41da2b1_JaffaCakes118
Size

546KB
MD5

28e2a088ff08b0709c3ae393a41da2b1
SHA1

d9997c79b867346c3e808abb8f8b7a940f05cbca
SHA256

d12aa4a623d2dbc263e6d05c13ee506f1ea25ffd2238fd97c053147d5b60c6ec
SHA512

f731a3f9a4363409d3965a834cd01b6c89962e1585382690bd4b903713a4c3a93f3f72728c604114b426a40dec737fe4454970f7fa8fbe7550a4b4e67af48ac5
SSDEEP

12288:ytOP7OvXnSrAsZvOE6Gl7C9hF0DdT82vs8TAH9ICiypBXJruh1:ytOPqvXilOE6Gl7C9kpYGs8TqJBXpuz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e2a088ff08b0709c3ae393a41da2b1_JaffaCakes118

Files

28e2a088ff08b0709c3ae393a41da2b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14750fc2de9f501f409cf5d360a8ac6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetCurrentThreadId
FreeEnvironmentStringsA
GetACP
DeleteCriticalSection
TlsFree
WriteConsoleOutputA
GetCurrentProcess
CreateEventW
SetConsoleTitleW
GetCommandLineA
SetFileTime
HeapSize
SetFilePointer
ReadFile
GetModuleHandleA
GetDateFormatA
GetTimeFormatA
WriteProfileSectionW
FillConsoleOutputCharacterW
EnterCriticalSection
EnumSystemLocalesA
CompareStringA
TlsSetValue
SetStdHandle
EnumResourceNamesW
LeaveCriticalSection
RtlUnwind
GetOEMCP
VirtualFree
LockFile
ReadConsoleOutputCharacterW
VirtualAlloc
CreateMutexA
HeapCreate
IsValidCodePage
SetUnhandledExceptionFilter
WideCharToMultiByte
HeapReAlloc
GetProcAddress
WaitForSingleObject
GetDriveTypeA
LoadLibraryA
CloseHandle
LCMapStringA
FlushFileBuffers
GetStringTypeExW
GetUserDefaultLCID
HeapAlloc
QueryPerformanceCounter
LocalFlags
GetStringTypeW
InterlockedExchange
InitializeCriticalSection
SetLastError
GetFileType
LCMapStringW
GetStringTypeA
GetSystemInfo
GlobalAlloc
FreeEnvironmentStringsW
GetStartupInfoA
GetCalendarInfoA
GetLocaleInfoA
GetVersionExA
GetSystemTimeAsFileTime
GetLastError
GetEnvironmentStrings
GetLocaleInfoW
GlobalCompact
IsValidLocale
VirtualProtect
OpenMutexA
SetHandleCount
ConvertDefaultLocale
GetEnvironmentStringsW
GetCurrentProcessId
VirtualQuery
MultiByteToWideChar
UnhandledExceptionFilter
TerminateProcess
GetSystemDefaultLCID
CompareStringW
HeapDestroy
IsBadWritePtr
lstrcpy
GetCurrentThread
HeapFree
GetCPInfo
TlsGetValue
GetStdHandle
TlsAlloc
GetTickCount
SetEnvironmentVariableA
ExitProcess
WriteFile
GetModuleFileNameA
GetTimeZoneInformation

user32

wvsprintfA
RegisterClassA
RegisterClassExA

Sections

.text
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14750fc2de9f501f409cf5d360a8ac6e

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 211KB - Virtual size: 211KB

.rdata Size: 7KB - Virtual size: 24KB

.data Size: 322KB - Virtual size: 321KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 211KB - Virtual size: 211KB

.rdata
Size: 7KB - Virtual size: 24KB

.data
Size: 322KB - Virtual size: 321KB

.rsrc
Size: 4KB - Virtual size: 3KB