34c63cca3ec59beb9577275e9a9b7fa8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

34c63cca3ec59beb9577275e9a9b7fa8_JaffaCakes118
Size

684KB
MD5

34c63cca3ec59beb9577275e9a9b7fa8
SHA1

1814c9219b4c76c00523718e5b82f65af02596da
SHA256

c2407dde65f6c3bc179537aa6e64a44ee1bf4b8276f4024e550d48fdab0c6978
SHA512

bfa8b2d4e9cd8af1a511e64ab00e353d9f583a386421478cd03f961252d12178ad094f5e52e6c5e34d4953d4c0b4a4bd00d4e970fc2079f5b8152d3f6d8245d0
SSDEEP

12288:JdjKzT0vtgJU70CAz3rFGOI+Afd87uTnwiods8qsComqnegn7QgrGouM:/ezT1XDRI+AfGKwisspsCom+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34c63cca3ec59beb9577275e9a9b7fa8_JaffaCakes118

Files

34c63cca3ec59beb9577275e9a9b7fa8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

76595c47c11ef18fe9b155c86fcf45e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
SetWindowPos
DispatchMessageA
GetDC
GetCursorPos
ReleaseDC
DestroyWindow
GetParent
UpdateWindow
TranslateMessage
IsWindowEnabled
SetForegroundWindow
EnableMenuItem
RegisterClassA
GetSubMenu
FillRect
SetFocus
BeginPaint
DefWindowProcA
GetSystemMetrics
SetWindowLongA
SetWindowTextA
GetWindowLongA
LoadIconA
SendMessageA
GetDesktopWindow
EndDialog
MessageBoxA
GetSysColor
InvalidateRect
wsprintfA
GetClientRect
GetFocus
SetCursor

kernel32

DeleteFileA
LCMapStringA
GetACP
GetCPInfo
LeaveCriticalSection
RtlUnwind
TlsGetValue
TlsSetValue
GetEnvironmentStrings
GetVersion
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FindNextFileA
HeapDestroy
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
WideCharToMultiByte
VirtualAlloc
FindResourceA
VirtualFree
UnmapViewOfFile
CreateProcessA
SetStdHandle
GetModuleHandleW
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCommandLineW
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
lstrlenA
HeapCreate
LCMapStringW
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
GetFileType
CreateEventA
Sleep
GlobalLock
WaitForMultipleObjects
FindFirstFileW
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
SetEvent
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
GetCurrentThreadId
SetEndOfFile
VirtualQuery
WriteConsoleA
SetUnhandledExceptionFilter
TerminateProcess
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileStringA
lstrcmpiW
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
LocalFree
GetOEMCP
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76595c47c11ef18fe9b155c86fcf45e7

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 624KB - Virtual size: 623KB

.data Size: 28KB - Virtual size: 29KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 624KB - Virtual size: 623KB

.data
Size: 28KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 2KB