31f1dc067fb90cd6d7c0f22629416468_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31f1dc067fb90cd6d7c0f22629416468_JaffaCakes118
Size

417KB
MD5

31f1dc067fb90cd6d7c0f22629416468
SHA1

ff0581c575e6a2e420b5fe4e3421158f5062e121
SHA256

c861ab219043227e73ea4d1e56ded10e04dd8a8ea7e6e4eef2107716562ee9e7
SHA512

12d5bd4ca8515ee1a8abe221eacf77ab8cf795827dc17076e17032e487b02eca8689e3a9d9d91b3a02c781bcb3f857a151179449586b88866ff81f9fd87d804f
SSDEEP

12288:KxiVscIowPqWQKVthvsabdsBjsVgMrPtVtUXOytnuPlowLfM3R6:AiLYqJKVthdOaTIemIlovB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31f1dc067fb90cd6d7c0f22629416468_JaffaCakes118

Files

31f1dc067fb90cd6d7c0f22629416468_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba66afc0a736d955e78dc8f71c077411

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetStartupInfoW
GetStringTypeA
IsValidCodePage
GetProcAddress
GetStringTypeW
HeapReAlloc
LCMapStringA
CreateWaitableTimerA
GetEnvironmentStrings
GetCurrentProcessId
LeaveCriticalSection
UnlockFile
EnumSystemLocalesA
MultiByteToWideChar
TlsFree
GetSystemInfo
EnumResourceTypesW
SetEnvironmentVariableA
TlsGetValue
GetACP
SetLastError
SetConsoleTextAttribute
GetLocaleInfoW
GetTimeZoneInformation
GetDiskFreeSpaceExA
GetCurrentThread
LocalAlloc
WriteFile
ExitProcess
GetTickCount
lstrcmpA
LCMapStringW
HeapFree
GetNumberFormatW
GetModuleFileNameA
GetLastError
LoadLibraryA
QueryPerformanceCounter
CreateSemaphoreW
VirtualAlloc
SetThreadIdealProcessor
GetFullPathNameW
TlsAlloc
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
VirtualFree
CompareStringA
FreeEnvironmentStringsA
GetCommandLineA
HeapSize
SetHandleCount
GetStdHandle
lstrcpyn
GetSystemTimeAsFileTime
CompareStringW
LoadResource
WriteProfileSectionA
DeleteCriticalSection
FreeEnvironmentStringsW
FindNextFileW
IsBadWritePtr
GetUserDefaultLCID
UnhandledExceptionFilter
FindNextFileA
GetCPInfo
InitializeCriticalSection
VirtualProtect
GetStartupInfoA
IsValidLocale
GetCommandLineW
ExitThread
InterlockedExchange
GetEnvironmentStringsW
TlsSetValue
GetConsoleTitleA
GetVersionExA
GetFileSize
EnterCriticalSection
GetTimeFormatA
GetOEMCP
HeapAlloc
HeapDestroy
SetComputerNameA
GetDiskFreeSpaceA
GetModuleFileNameW
VirtualQuery
GetModuleHandleA
HeapCreate
GetDateFormatA
GetLocaleInfoA
RtlUnwind
EnumResourceLanguagesW
WideCharToMultiByte
FileTimeToSystemTime

user32

ToUnicodeEx
ChangeMenuA
ModifyMenuA
EnumDisplaySettingsA
MessageBoxA
ChangeDisplaySettingsExW
CharNextW
MonitorFromRect
CallMsgFilterW
EnumDisplayMonitors
DefFrameProcA
DefDlgProcW
SetDebugErrorLevel
GetMessageTime
GetWindowContextHelpId
IsCharLowerA
CharNextExA
DdeQueryStringW
DestroyCursor
GetShellWindow
ClipCursor
CopyAcceleratorTableA
GetNextDlgGroupItem
DdeFreeStringHandle
MenuItemFromPoint

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba66afc0a736d955e78dc8f71c077411

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 132KB - Virtual size: 132KB

.data Size: 272KB - Virtual size: 290KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 132KB - Virtual size: 132KB

.data
Size: 272KB - Virtual size: 290KB

.rsrc
Size: 11KB - Virtual size: 11KB