311983d95a99d072adf663fa7d55a9fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

311983d95a99d072adf663fa7d55a9fb_JaffaCakes118
Size

485KB
MD5

311983d95a99d072adf663fa7d55a9fb
SHA1

801036072fa78be2e0afc454120a9dfe4b4d5845
SHA256

73d6420c85f4533339ea0ac97a5fd1c0e795c76ed9d893c778726f6433e05d08
SHA512

7dbcb357820cc4045931f472e707da9a27270f882ac68d286c69ea9798a45c535f5c010b56df4651a721aba2941d9e768f1591c6e7f1317b135a4e69480f4646
SSDEEP

12288:/h30xgoMbZbwZsgT5mioL11Xgnd/W7FTvn3av6lziDmBpnN:ILMSZsgTVojXy/AFTvqCViKnN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
311983d95a99d072adf663fa7d55a9fb_JaffaCakes118

Files

311983d95a99d072adf663fa7d55a9fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

142c8ec877bc5ec6abf9085f1bb8f2d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetTimeFormatA
GetVersionExA
MultiByteToWideChar
GetProcAddress
HeapCreate
HeapReAlloc
SetEnvironmentVariableA
CopyFileExA
GetLastError
GetCurrentProcessId
SetLastError
GetUserDefaultLCID
FreeLibrary
SetUnhandledExceptionFilter
TlsSetValue
HeapDestroy
GetExitCodeThread
Sleep
UnhandledExceptionFilter
GetCommandLineA
TlsFree
SystemTimeToFileTime
GetStartupInfoA
InitializeCriticalSection
ReadConsoleOutputCharacterW
GetEnvironmentStringsW
GetProcessHeaps
VirtualFreeEx
ExitProcess
GetTickCount
EnumCalendarInfoExA
SetHandleCount
HeapFree
DeleteCriticalSection
GetModuleFileNameA
GetOEMCP
LoadLibraryA
QueryPerformanceCounter
CompareStringW
VirtualAlloc
TransmitCommChar
FreeLibraryAndExitThread
TlsGetValue
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
WriteFile
EnterCriticalSection
GetACP
GetDateFormatA
LCMapStringA
TlsAlloc
GetTimeZoneInformation
SetConsoleActiveScreenBuffer
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
IsValidLocale
GetThreadContext
FreeEnvironmentStringsW
GetCPInfo
LocalUnlock
LeaveCriticalSection
InterlockedDecrement
WideCharToMultiByte
WaitNamedPipeW
GetCurrentThread
LCMapStringW
FindAtomA
GetStringTypeW
SetConsoleCtrlHandler
GetEnvironmentStrings
GetSystemTimeAdjustment
InterlockedExchange
GetLocaleInfoA
VirtualFree
CompareStringA
InterlockedIncrement
FoldStringW
ConnectNamedPipe
HeapSize
GetStringTypeA
HeapAlloc
IsValidCodePage
EnumSystemLocalesA
GetFullPathNameA
GetStdHandle
VirtualQuery
GetModuleHandleA
IsDebuggerPresent
GetFileType
GetProcessHeap
RtlUnwind

gdi32

GetMetaFileA
SelectClipRgn
SetBitmapBits
TextOutA
FillPath
CreateRectRgnIndirect
CreateDIBPatternBrush
GetTextColor
MaskBlt
GetTextExtentPoint32A
OffsetViewportOrgEx
CopyEnhMetaFileW
ScaleViewportExtEx
CreateCompatibleDC
GetRgnBox
DeleteDC
UpdateICMRegKeyA
GetCharABCWidthsFloatW

Sections

.text
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

142c8ec877bc5ec6abf9085f1bb8f2d5

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 197KB - Virtual size: 197KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 197KB - Virtual size: 197KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 7KB - Virtual size: 7KB