326782d634013cbc8c74db9b878015a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

326782d634013cbc8c74db9b878015a2_JaffaCakes118
Size

515KB
MD5

326782d634013cbc8c74db9b878015a2
SHA1

04ad0cda8b3f68a2cc2a3dc3208cfb9be2145e35
SHA256

64a58b76f509bd7abfca947e8a0a306f2fe079fe347f3ad82d4cf9db9972a671
SHA512

c98ea3b1c68399ccfb01a9f0f46ec0c2af6f74a9242b3371d6284dcabf04f0b9674f6e17514f1cd70433b0f87f98f1e8fed8c607fa0aab435b8c782528351266
SSDEEP

12288:sfJP/xuCQmoqDfYHXMIctltxIL/SvBry7q2B84jvm9:sfJXxu7v8+bctl/IeA84j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
326782d634013cbc8c74db9b878015a2_JaffaCakes118

Files

326782d634013cbc8c74db9b878015a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb775a99dbf3a841ff3f647e6a3c7079

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
VirtualAlloc
InitializeCriticalSection
GetEnvironmentStringsW
IsDebuggerPresent
TransmitCommChar
GetLocaleInfoW
WriteConsoleA
LoadLibraryA
GetTimeZoneInformation
SetThreadAffinityMask
HeapCreate
LCMapStringA
SetConsoleCtrlHandler
IsValidLocale
TlsGetValue
GetCurrentThreadId
GetModuleFileNameA
EnterCriticalSection
CompareStringA
GetStringTypeA
CreateFileA
GetSystemTimeAsFileTime
HeapFree
TerminateProcess
GetEnvironmentStrings
IsValidCodePage
SetEnvironmentVariableA
OpenSemaphoreA
GetStartupInfoA
GetStringTypeW
TlsSetValue
GetStdHandle
GetCommandLineA
GetCurrencyFormatA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
FreeEnvironmentStringsW
CompareStringW
GetLastError
GetProcessHeap
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
GetConsoleOutputCP
SetLastError
FreeLibrary
MultiByteToWideChar
CreateMutexA
ContinueDebugEvent
SetFilePointer
Sleep
HeapSize
WideCharToMultiByte
HeapReAlloc
EnumSystemLocalesA
GetConsoleCP
HeapAlloc
GetACP
lstrlenA
LeaveCriticalSection
CloseHandle
InterlockedExchange
GetUserDefaultLCID
GetModuleHandleA
GetTimeFormatA
WriteConsoleW
HeapDestroy
TlsAlloc
GetCurrentThread
ReadFile
OpenMutexA
InterlockedDecrement
GetOEMCP
ExitProcess
GetProcAddress
VirtualFree
InterlockedIncrement
SetUnhandledExceptionFilter
VirtualQuery
FindNextFileW
WriteFile
GetConsoleMode
GetVersionExA
GetDateFormatA
SetHandleCount
TlsFree
GetCurrentProcess
GetCurrentProcessId
FreeEnvironmentStringsA
RtlUnwind

user32

SetWindowsHookW
LoadCursorFromFileA
CallMsgFilter
IsWindowVisible
SetWindowLongW
GetTabbedTextExtentA
SetDoubleClickTime
RegisterHotKey
OpenWindowStationA
RegisterClassExA
BringWindowToTop
SetMenuItemInfoW
CloseDesktop
RegisterClipboardFormatW
CharLowerBuffW
TranslateAcceleratorW
RegisterClassA
LoadKeyboardLayoutW

comctl32

InitCommonControlsEx

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb775a99dbf3a841ff3f647e6a3c7079

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 9KB - Virtual size: 36KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 9KB - Virtual size: 36KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 8KB - Virtual size: 7KB