322832e150c5b26f4b9bb80fb452f6c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

322832e150c5b26f4b9bb80fb452f6c2_JaffaCakes118
Size

398KB
MD5

322832e150c5b26f4b9bb80fb452f6c2
SHA1

03cd44078277325199dd1a43719bcb678992bc84
SHA256

3e3d5e5ed399d90eafd7c40781767647680087f3fe0e461859eaa38dbe79416d
SHA512

50460ccd0f93fb4be829b6578632135fe097955e62278fb3f8099ec1fc03a75002fbd6e0f2d57d9ab62357b108af8ea83f5792922bd14635854996f74bdf84db
SSDEEP

12288:q48KXmRZX8mw17sdv450R+7dfqqTOXv4u:q4pXmRd8mUIVCI6dDY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
322832e150c5b26f4b9bb80fb452f6c2_JaffaCakes118

Files

322832e150c5b26f4b9bb80fb452f6c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad39c7ecaa78e4fda3261f088cb71a44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
LCMapStringW
DebugBreak
GetSystemInfo
WideCharToMultiByte
PulseEvent
TlsGetValue
VirtualFree
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetStdHandle
GetDateFormatA
FreeEnvironmentStringsA
InterlockedExchange
GetStartupInfoW
FlushFileBuffers
GetTickCount
GetOEMCP
GetTimeZoneInformation
TerminateProcess
LockResource
EnumSystemLocalesA
GetEnvironmentStrings
QueryPerformanceCounter
GetModuleHandleA
GetStdHandle
SetConsoleCtrlHandler
ExitProcess
GetCPInfo
ReadFile
VirtualQuery
TlsSetValue
GetCurrentThread
GetModuleFileNameW
GetTimeFormatA
LoadLibraryA
OpenMutexA
IsValidCodePage
InitializeCriticalSection
CloseHandle
GetLastError
GetVersionExA
DeleteCriticalSection
InterlockedDecrement
GetModuleFileNameA
GetStringTypeW
HeapValidate
LeaveCriticalSection
IsBadWritePtr
CompareStringA
GetACP
HeapFree
GetEnvironmentStringsW
CreateMutexA
TlsAlloc
VirtualAlloc
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
IsValidLocale
GetCommandLineA
ReleaseMutex
WriteFile
CompareStringW
GetCurrentThreadId
IsBadReadPtr
RtlUnwind
GetFileType
HeapReAlloc
GetStringTypeA
SetLastError
SetHandleCount
OutputDebugStringA
HeapCreate
GetLocaleInfoW
GetLocaleInfoA
EnterCriticalSection
HeapDestroy
VirtualProtect
GetSystemTimeAsFileTime
HeapAlloc
LCMapStringA
GetUserDefaultLCID
CreateProcessA
InterlockedIncrement
SetFilePointer
GetPriorityClass
GetStartupInfoA
TlsFree
GetProcAddress
MultiByteToWideChar

comctl32

InitCommonControlsEx

user32

ToUnicodeEx
InsertMenuItemW
DlgDirSelectExW
RegisterClassExA
ReplyMessage
DestroyMenu
PackDDElParam
RegisterClassA
DdeAbandonTransaction
GetDCEx
SetWindowPos
ActivateKeyboardLayout
ToUnicode
EndDeferWindowPos
MonitorFromWindow
DdeSetQualityOfService
ToAsciiEx
CreateIconFromResourceEx
GetUserObjectInformationA
CreateDialogParamA
PeekMessageW

Sections

.text
Size: 259KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad39c7ecaa78e4fda3261f088cb71a44

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 259KB - Virtual size: 259KB

.rdata Size: 34KB - Virtual size: 46KB

.data Size: 91KB - Virtual size: 91KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 259KB - Virtual size: 259KB

.rdata
Size: 34KB - Virtual size: 46KB

.data
Size: 91KB - Virtual size: 91KB

.rsrc
Size: 12KB - Virtual size: 11KB