338860dc1c5386c9ab6357039eb8b3c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

338860dc1c5386c9ab6357039eb8b3c5_JaffaCakes118
Size

858KB
MD5

338860dc1c5386c9ab6357039eb8b3c5
SHA1

4094ee1af17fce512927cdc7eca5d45a40a5ccdd
SHA256

139810bb9a511119879308df2210aec2d7faab409952855f519a5be60d338122
SHA512

3cbdaeae229904b9222865e34f460db4813a3e54f8d1acce1c78add18aa16843bc16143e1b066ff060db5be4b6504f98d7a94baef480ca6702278cf6d6901de4
SSDEEP

24576:KK93SuLGonvPzWtD/9YE9D/8uOCRUkpuiw4EBv:T93ZvW/b9j8uO4je

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
338860dc1c5386c9ab6357039eb8b3c5_JaffaCakes118

Files

338860dc1c5386c9ab6357039eb8b3c5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

df6718adfc4e0485cc51bad656c2a645

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
InitializeCriticalSection
GetCommandLineA
lstrcmpW
EnterCriticalSection
GetTimeFormatW
GetFileTime
GetFileType
LoadLibraryA
GetCurrentThread
FindResourceA
EnumSystemLocalesA
SetThreadPriority
LockFile
GetTimeZoneInformation
FreeLibrary
GetThreadLocale
ExitProcess
InterlockedIncrement
LeaveCriticalSection
GetDriveTypeA
VirtualFree
WritePrivateProfileStringA
GetStringTypeA
DeleteCriticalSection
GetEnvironmentVariableA
GetSystemDirectoryW
SetFileAttributesW
VirtualAlloc
GetLocalTime
WideCharToMultiByte
MultiByteToWideChar
WriteConsoleW
CompareStringA
GetExitCodeProcess
IsValidCodePage
FindClose
GetShortPathNameW
ResetEvent
FreeResource

user32

EndDialog
SetParent
GetWindowTextA
SetCapture
GetMenu
EnableMenuItem
TranslateMessage
CallWindowProcA
FindWindowW
GetWindowPlacement
IsIconic
DialogBoxParamW
UpdateWindow
CreateWindowExA
RemoveMenu
PeekMessageA
PeekMessageW
SetScrollPos
GetSystemMetrics
SetDlgItemTextA
SystemParametersInfoW
SetDlgItemTextW
GetClassInfoExW
UnionRect
RegisterClassExW
SetWindowTextW
DestroyIcon
GetSysColorBrush
SetWindowsHookExW
CopyRect
IsRectEmpty
MsgWaitForMultipleObjects
SetScrollInfo
EqualRect

msvcrt

time
exit
_stricmp
__p__commode
_vsnprintf
__getmainargs
?terminate@@YAXXZ
__set_app_type
_adjust_fdiv
wcsrchr
__setusermatherr

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 576KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df6718adfc4e0485cc51bad656c2a645

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 576KB - Virtual size: 576KB

.data Size: 140KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 576KB - Virtual size: 576KB

.data
Size: 140KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B