31f1306c847640aa1178cf7f77e87a6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31f1306c847640aa1178cf7f77e87a6a_JaffaCakes118
Size

498KB
MD5

31f1306c847640aa1178cf7f77e87a6a
SHA1

306e17e60581654bc25a474910307b162f433cf6
SHA256

d4f9bb83acfeff05ca6405d3f9f37090e282a4569a48db0e9178dac00e857bf0
SHA512

dfe62df6f1395e0d404a88c1175c29314dc2481a93b553fc0580c9b4575e1cc52cd814b0012c07af855064ff5e6d6cffc68abd17c5620a696122accc98009dd7
SSDEEP

12288:zEol1z4XnlwY1eMOT6Q5FOd9CnZdDjoL4A+cmgIw5:rzImY1eXTZDdDEL4AkVw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31f1306c847640aa1178cf7f77e87a6a_JaffaCakes118

Files

31f1306c847640aa1178cf7f77e87a6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a2f8a00cfb1c0c07aa185e16fd0ec59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleW
PrintDlgW
FindTextA

user32

EnumDisplayDevicesA
CreateMenu
GetAltTabInfo
RegisterClassExA
GetIconInfo
CharNextExA
CharLowerA
CreateMDIWindowW
DefMDIChildProcW
RegisterClassA
CharToOemBuffW
SendMessageW
GetClipboardSequenceNumber
ShowWindow
DragDetect
IsChild
GetAsyncKeyState
GetParent

kernel32

GetModuleHandleA
InitializeCriticalSection
LoadLibraryW
GetConsoleCP
LCMapStringA
GetModuleFileNameA
ExitProcess
CreateEventW
GetCurrentProcessId
TerminateProcess
RtlUnwind
GetConsoleOutputCP
GetCurrentThread
VirtualQueryEx
GetTimeZoneInformation
GetDateFormatA
GetTickCount
HeapCreate
TlsFree
FreeResource
LeaveCriticalSection
EnumSystemCodePagesA
GetCurrentThreadId
CreateFileA
DeleteCriticalSection
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
CompareStringA
TlsAlloc
WriteConsoleW
WriteConsoleA
GetUserDefaultLCID
GetFileAttributesExW
FreeEnvironmentStringsA
GetVersionExA
OpenMutexA
GetCurrentProcess
GetTimeFormatA
GetCompressedFileSizeA
IsDebuggerPresent
GetPrivateProfileStringA
SetFileAttributesW
InterlockedIncrement
VirtualFree
HeapAlloc
GetModuleFileNameW
GetLastError
HeapFree
SetLastError
GetCommandLineA
TlsGetValue
GetOEMCP
LCMapStringW
GetCommandLineW
GetStdHandle
WideCharToMultiByte
IsValidLocale
InterlockedDecrement
GetStartupInfoA
GetProcessHeap
LoadLibraryA
ReadFile
SetConsoleCtrlHandler
GetStringTypeW
HeapReAlloc
GetStringTypeA
VirtualAlloc
CreateMutexA
InterlockedExchange
MultiByteToWideChar
GetCPInfo
FreeLibrary
GetACP
GetSystemTimeAsFileTime
Sleep
ExpandEnvironmentStringsA
GetFileType
WriteFile
CompareStringW
GetEnvironmentStrings
SetHandleCount
SetEnvironmentVariableA
GetProcAddress
QueryPerformanceCounter
FreeEnvironmentStringsW
GetStartupInfoW
EnterCriticalSection
lstrlenW
SetFilePointer
VirtualQuery
FindAtomW
GetSystemDirectoryW
HeapSize
CloseHandle
GetConsoleMode
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapDestroy
TlsSetValue
GetLocaleInfoW
GetEnvironmentStringsW
EnumSystemLocalesA

comctl32

InitCommonControlsEx

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a2f8a00cfb1c0c07aa185e16fd0ec59

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

comctl32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 10KB - Virtual size: 34KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 10KB - Virtual size: 34KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 10KB - Virtual size: 9KB