31f896361f4156f739cb7004053f80dc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

31f896361f4156f739cb7004053f80dc_JaffaCakes118
Size

515KB
MD5

31f896361f4156f739cb7004053f80dc
SHA1

f3ebc09e57d3c0556b318bca40920bb662e515c5
SHA256

3f3cb128c60451142612bad8a6b50f91ba27173230143533e209a7da592f0bb1
SHA512

bc6200ade615b295b87f33acd012ee1d303f398d53e0c4c0d54d4df2b7875aebaa988d961c9ae53cb3a5883daa76c09526b64e52cbf45d828e957a3c4e5d7b20
SSDEEP

12288:VkmfH7rG/G0JzFV/OOhHdt5BGnM+cAbJe/RYXrDl:VN3G/G0vV/jh9trYvbuab

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31f896361f4156f739cb7004053f80dc_JaffaCakes118

Files

31f896361f4156f739cb7004053f80dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15fe384b39e512e143fa5f1a91785923

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyCaret
SendInput
RemovePropA
GetKeyboardType
SetMenuDefaultItem
SetCapture
WinHelpW
RegisterClassA
GetClassNameA
SetMenuItemInfoW
DrawStateA
GetScrollInfo
MapVirtualKeyA
GetProcessWindowStation
PaintDesktop
RegisterClassExA
GetMenuState
CreateWindowExW
SetMenuInfo
EnumDesktopsW
DefWindowProcA

comctl32

InitCommonControlsEx

comdlg32

ChooseColorW

kernel32

MoveFileW
TransmitCommChar
GetOEMCP
TerminateProcess
GetTimeFormatA
GetACP
GetConsoleOutputCP
GetCurrentThread
CompareStringA
CreatePipe
CompareStringW
GetModuleHandleW
WriteFile
LoadLibraryA
SetStdHandle
ExitProcess
ReadFile
EnumSystemLocalesA
GetModuleFileNameA
FreeEnvironmentStringsW
GetCurrentProcessId
TlsFree
TlsAlloc
CloseHandle
GetConsoleMode
GetLastError
FreeLibrary
WideCharToMultiByte
LCMapStringW
SetUnhandledExceptionFilter
DeleteAtom
InterlockedDecrement
CreateFileA
SetFilePointer
WriteConsoleW
HeapCreate
RtlUnwind
GetConsoleTitleW
HeapDestroy
DeleteCriticalSection
HeapFree
VirtualProtectEx
FlushFileBuffers
VirtualAlloc
GetSystemTimeAsFileTime
GetLocaleInfoW
GetStringTypeA
GetStdHandle
VirtualProtect
GetLocaleInfoA
CreateMutexA
InterlockedIncrement
GetTimeZoneInformation
EnterCriticalSection
GetFileType
VirtualFree
OpenMutexA
GetVersion
IsValidCodePage
GetCurrentProcess
WriteConsoleA
GetPrivateProfileStringW
SetHandleCount
SetConsoleCtrlHandler
InterlockedExchange
HeapReAlloc
GetCommandLineW
GetDateFormatA
GetConsoleCP
MultiByteToWideChar
TlsSetValue
GetUserDefaultLCID
QueryPerformanceCounter
IsDebuggerPresent
GetModuleHandleA
VirtualQuery
SetLastError
HeapAlloc
GetCurrentThreadId
GetTickCount
LeaveCriticalSection
GetCPInfo
GetProfileIntW
GetStartupInfoW
Sleep
IsValidLocale
SetEnvironmentVariableA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
ReleaseMutex
GetEnvironmentStringsW
GetStringTypeW
LCMapStringA
GetProcAddress
TlsGetValue
GetCommandLineA
GetStartupInfoA
GetStringTypeExA
HeapSize
MoveFileExW
UnhandledExceptionFilter
CreateProcessW

Sections

.text
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15fe384b39e512e143fa5f1a91785923

Headers

File Characteristics

Imports

user32

comctl32

comdlg32

kernel32

Sections

.text Size: 189KB - Virtual size: 189KB

.rdata Size: 10KB - Virtual size: 38KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 512B - Virtual size: 166B

.text
Size: 189KB - Virtual size: 189KB

.rdata
Size: 10KB - Virtual size: 38KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 512B - Virtual size: 166B