34b9c38b2a702383093c1ef1cfd34299_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

34b9c38b2a702383093c1ef1cfd34299_JaffaCakes118
Size

493KB
MD5

34b9c38b2a702383093c1ef1cfd34299
SHA1

5cff2b50ad5712d0a71a785492fdcb33bc06b38b
SHA256

2b8df23fbaac9dfc9bab770be06efb5908f505131b8638791f4817cc9f34203b
SHA512

0e6448a6a0a40e3202f8512a5e392bc1757b38c6b05f0a457c0e9eb60db0b35eaa93ce3bec7d4ccc807e826bfe8655a03dba00cc1a1bcd25e878d5ddd6953eb0
SSDEEP

12288:/ViM7HyR8ycBXNQPs/fFV85XP73TAwWTx:B7HyGycB9QPs3T85fDTA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34b9c38b2a702383093c1ef1cfd34299_JaffaCakes118

Files

34b9c38b2a702383093c1ef1cfd34299_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d73e5c2baca9dbbf03b1818de75b99dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetClassLongW
SetCursor
CharUpperW
GetComboBoxInfo
SystemParametersInfoA
PostThreadMessageA
RegisterClassExA
RegisterClassA
GetMenuStringA

comctl32

InitCommonControlsEx

kernel32

GetCPInfo
GetCurrentThreadId
lstrcpy
GetStartupInfoW
ReadFile
GetOEMCP
CreateFileA
FindFirstFileA
GetConsoleMode
IsValidLocale
WriteConsoleW
SetConsoleCtrlHandler
IsDebuggerPresent
GetTimeFormatA
TerminateProcess
RtlUnwind
CloseHandle
GetConsoleOutputCP
GetStartupInfoA
GetCommandLineW
GetLocaleInfoA
CreateMutexA
FreeLibrary
LoadLibraryExA
WideCharToMultiByte
GetEnvironmentStringsW
VirtualFree
EnumSystemLocalesA
GetStringTypeA
GetFileType
HeapCreate
GetACP
InterlockedExchange
UnhandledExceptionFilter
WriteConsoleA
HeapDestroy
GetLastError
SetEnvironmentVariableA
IsValidCodePage
GetTimeZoneInformation
InitializeCriticalSection
GetEnvironmentStrings
HeapReAlloc
GetModuleHandleA
QueryPerformanceCounter
GetConsoleCP
HeapAlloc
WriteFile
TlsGetValue
ExitProcess
CompareStringW
SetLastError
GetCurrentThread
GetSystemTimeAsFileTime
InterlockedDecrement
GetStdHandle
SetFilePointer
MultiByteToWideChar
GetVersionExA
LoadLibraryA
GetModuleFileNameA
DeleteCriticalSection
CompareStringA
GetPrivateProfileIntW
GetUserDefaultLCID
GetCurrentProcessId
VirtualAlloc
FreeEnvironmentStringsW
GetProcessHeap
ConnectNamedPipe
HeapSize
GetCommandLineA
GetCurrentDirectoryA
OpenMutexA
VirtualQuery
GetStringTypeW
InterlockedIncrement
WaitCommEvent
LeaveCriticalSection
SetUnhandledExceptionFilter
TlsSetValue
FreeEnvironmentStringsA
GetModuleFileNameW
SetHandleCount
GetSystemTimeAdjustment
SetStdHandle
Sleep
GetDateFormatA
TlsAlloc
GetLogicalDriveStringsW
FlushFileBuffers
SetEnvironmentVariableW
HeapFree
EnterCriticalSection
GetLocaleInfoW
GetTickCount
LCMapStringA
WriteConsoleOutputCharacterW
GetCurrentProcess
TlsFree
GetProcAddress
LCMapStringW

Sections

.text
Size: 299KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d73e5c2baca9dbbf03b1818de75b99dc

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 299KB - Virtual size: 299KB

.rdata Size: 69KB - Virtual size: 85KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 299KB - Virtual size: 299KB

.rdata
Size: 69KB - Virtual size: 85KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 17KB - Virtual size: 17KB