33ea61b4e0c9b9d7e44b79ff12e3f642_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33ea61b4e0c9b9d7e44b79ff12e3f642_JaffaCakes118
Size

467KB
MD5

33ea61b4e0c9b9d7e44b79ff12e3f642
SHA1

9d952f5deccdfbc1045f98d0e4c10381e15478de
SHA256

fa9be68bbd859aa1bdff96e765e8700ec395b14946c240b67b4c38b2ae38a1bd
SHA512

37aee0ce8029dcf0d2b55e6328e9330b48d27550db9077b2a648827f7ddbcfe66901a6d562184162599c2f27825059c5fafd57b5b4e331338c147758ab1d07ed
SSDEEP

12288:ngbc0FnawF5/XCGIOB8/+MNAAkKoXHpRfLWXo1eq:go0F7yvOBg+MNapRLWXoUq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33ea61b4e0c9b9d7e44b79ff12e3f642_JaffaCakes118

Files

33ea61b4e0c9b9d7e44b79ff12e3f642_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5242048afd6389867c8c8913709b850

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterDeviceNotification
MessageBoxExA
GetClassInfoW
SetActiveWindow
GetKeyboardState
VkKeyScanW
BringWindowToTop
GetDlgItemTextW
UpdateWindow
LoadMenuW
RegisterClassExA
CascadeWindows
WindowFromDC
LoadImageA
GetGUIThreadInfo
GetWindowRgn
SetClipboardData
DialogBoxIndirectParamA
CopyAcceleratorTableW
GetClipboardOwner
RegisterClassA
SetDlgItemInt
SetWindowsHookExW
ShowScrollBar

kernel32

GetProcAddress
HeapCreate
VirtualAlloc
GetStringTypeW
HeapFree
LeaveCriticalSection
GetStringTypeA
GetCurrentThreadId
GetFileType
GetCompressedFileSizeW
GetVersion
InterlockedIncrement
SetFilePointer
QueryPerformanceCounter
GetStartupInfoA
FreeEnvironmentStringsW
VirtualQuery
HeapDestroy
LCMapStringA
GetLocalTime
GetCurrentThread
GetProcessAffinityMask
TlsAlloc
GetThreadPriority
GetLastError
LoadLibraryA
UnhandledExceptionFilter
CloseHandle
FlushFileBuffers
GetSystemTime
VirtualFree
SetLastError
GetSystemTimeAsFileTime
GetModuleHandleA
GetEnvironmentStrings
ExitProcess
SetStdHandle
GetACP
InterlockedExchange
GetOEMCP
GetEnvironmentStringsW
SetFileAttributesW
GetCurrentProcessId
HeapAlloc
TlsGetValue
LCMapStringW
CompareStringA
IsBadWritePtr
SetThreadContext
GetCommandLineA
GetCurrentProcess
MultiByteToWideChar
GetCPInfo
HeapReAlloc
RtlUnwind
InterlockedDecrement
GlobalCompact
FreeEnvironmentStringsA
GetStdHandle
CreateMutexA
LoadResource
OpenMutexA
CompareStringW
FindFirstFileExW
DeleteCriticalSection
GetTimeZoneInformation
TlsFree
SetHandleCount
WideCharToMultiByte
InitializeCriticalSection
WriteFile
SetEnvironmentVariableA
GetTickCount
TerminateProcess
EnterCriticalSection
GetModuleFileNameA
OutputDebugStringA
TlsSetValue
ReadFile

comctl32

InitCommonControlsEx

Sections

.text
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5242048afd6389867c8c8913709b850

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 315KB - Virtual size: 315KB

.rdata Size: 33KB - Virtual size: 48KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 315KB - Virtual size: 315KB

.rdata
Size: 33KB - Virtual size: 48KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 15KB - Virtual size: 14KB