368ce3fdf31b4d320886a0abd7f7c265_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

368ce3fdf31b4d320886a0abd7f7c265_JaffaCakes118
Size

544KB
MD5

368ce3fdf31b4d320886a0abd7f7c265
SHA1

1c28811900573c24eb03dc810d5862f4b6085f0b
SHA256

6f7953e5ae2b80f2afdaaa155bf345cd4a0fcc2727651530498bafbc65b2fb03
SHA512

504b6e3c7362fad5c74a20f00ac2d28dc76d087e0f121e1d7d3d46788c5ce14586622ce1dee59f9bae1cae00f052bfe03942a4a3fc92879ad74261815f2ff236
SSDEEP

6144:tVk6U5QCcc5sh+X3XIvsuaiPu8FLH/8+tkEEJDBshayOx7Z8/P6VxEJBX0t:ti6CQCcb+X3YUQpEokEEJu8yHKgJF0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
368ce3fdf31b4d320886a0abd7f7c265_JaffaCakes118

Files

368ce3fdf31b4d320886a0abd7f7c265_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77f174c57690ac3d98422415d24eefe4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetACP
GetLastError
GetCurrentThreadId
OpenMutexA
RemoveDirectoryW
GetStringTypeW
FlushFileBuffers
VirtualProtectEx
GetSystemTimeAsFileTime
EnterCriticalSection
CloseHandle
LCMapStringA
CreateMutexA
TlsSetValue
InitializeCriticalSection
GetStringTypeA
FlushInstructionCache
GetSystemTime
DeleteCriticalSection
VirtualAllocEx
TerminateProcess
SetFilePointer
TlsGetValue
TlsAlloc
FreeEnvironmentStringsA
MoveFileW
ReadConsoleOutputAttribute
WriteFile
CreateNamedPipeA
SetEnvironmentVariableA
GetPrivateProfileSectionA
InterlockedDecrement
VirtualQuery
GetProcAddress
TlsFree
MoveFileExA
FreeEnvironmentStringsW
GetStartupInfoA
SetLastError
IsBadWritePtr
InterlockedExchange
WideCharToMultiByte
GetPrivateProfileStructA
GetCurrentProcess
FileTimeToSystemTime
MultiByteToWideChar
GetTickCount
VirtualFree
GetModuleHandleA
GetEnvironmentStrings
RtlUnwind
SetStdHandle
HeapReAlloc
GetFileType
GetLocalTime
GetCurrentProcessId
LeaveCriticalSection
CompareStringW
GetStdHandle
GetCommandLineA
SetHandleCount
InterlockedIncrement
LCMapStringW
SetThreadLocale
LoadLibraryA
GetCompressedFileSizeW
GetOEMCP
UnhandledExceptionFilter
FindClose
QueryPerformanceCounter
HeapFree
CreateMailslotA
ExitProcess
HeapCreate
GetVersion
GetModuleFileNameA
GetTimeZoneInformation
GetEnvironmentStringsW
CompareStringA
VirtualAlloc
GetCurrentThread
ResetEvent
WritePrivateProfileSectionW
GetCPInfo
ReadFile
HeapAlloc

user32

ExcludeUpdateRgn
CreateWindowStationA
DdeAddData
RegisterClassA
SetWindowsHookA
DestroyWindow
DefWindowProcA
GetClipboardSequenceNumber
GetListBoxInfo
SetWindowRgn
CreateWindowExA
InvalidateRgn
ShowWindow
RegisterClassExA
MessageBoxA
SetWindowTextA
GetWindowWord

shell32

ShellExecuteExA
DoEnvironmentSubstW
SHQueryRecycleBinW
SHFileOperationA

comctl32

ImageList_LoadImageA
ImageList_DrawEx
ImageList_GetIcon
ImageList_BeginDrag
InitCommonControlsEx
ImageList_GetFlags
ImageList_Read
ImageList_DragMove
ImageList_GetIconSize
ImageList_DragLeave
MakeDragList
CreateStatusWindow
ImageList_Duplicate
ImageList_Remove
ImageList_Write
CreatePropertySheetPageA
ImageList_GetDragImage
ImageList_Copy
ImageList_Add
ImageList_GetBkColor
InitMUILanguage

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 202KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77f174c57690ac3d98422415d24eefe4

Headers

File Characteristics

Imports

kernel32

user32

shell32

comctl32

Sections

.text Size: 195KB - Virtual size: 195KB

.rdata Size: 202KB - Virtual size: 232KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 35KB - Virtual size: 34KB

.text
Size: 195KB - Virtual size: 195KB

.rdata
Size: 202KB - Virtual size: 232KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 35KB - Virtual size: 34KB