366a360b98ad802d83589d279980f074_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

366a360b98ad802d83589d279980f074_JaffaCakes118
Size

509KB
MD5

366a360b98ad802d83589d279980f074
SHA1

fbee0a565f4bd67f64410b84cbf11bb9d17e5b24
SHA256

7b075c37af33acff9d2c2f71755386b15a1de10e4adf5bf9aeb5925d9a349a98
SHA512

035d04933dea4dc1730dd4c75b9fa2de6ab2746345712a030915d1d51230bb06d0e11f3e57c6e13bf4f0841a0dfe2d5a34e78f0129c3555df47c95d619e88870
SSDEEP

12288:C4vWs1YGx9bSBWs73zknyIe/OLyQ2oQzOpqeKlG:/1YGx9bKWs7DknJe/OLh2LUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
366a360b98ad802d83589d279980f074_JaffaCakes118

Files

366a360b98ad802d83589d279980f074_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5240de526c15f80479a6cfa2e152d04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
GetSaveFileNameW
GetFileTitleW
ReplaceTextA

user32

IsDialogMessageW
MonitorFromPoint
GetProcessWindowStation
ToAscii
RegisterClassExA
RegisterClassA

comctl32

InitCommonControlsEx

kernel32

GetCurrentProcess
HeapDestroy
GetLocaleInfoA
GetLocalTime
InitializeCriticalSection
TlsGetValue
GetStdHandle
SetLastError
RtlUnwind
HeapAlloc
LoadLibraryExW
GetUserDefaultLCID
SetEnvironmentVariableA
WaitForMultipleObjects
LocalUnlock
GetStartupInfoA
GetTickCount
GetLastError
CreateMutexA
HeapReAlloc
HeapFree
FillConsoleOutputCharacterA
GetPrivateProfileSectionNamesA
GetModuleHandleA
CompareStringW
GetStringTypeA
SetUnhandledExceptionFilter
TlsAlloc
TlsSetValue
GetSystemTimeAsFileTime
GetCPInfo
CloseHandle
SetFilePointer
CompareStringA
QueryPerformanceCounter
WriteFile
GetEnvironmentStrings
SetHandleCount
GetModuleFileNameW
DebugActiveProcess
GetCurrentThread
ExitProcess
EnterCriticalSection
InterlockedCompareExchange
GetProcessHeap
FreeLibraryAndExitThread
GetFileType
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetDateFormatA
RemoveDirectoryA
GetConsoleOutputCP
GetCurrentProcessId
DeleteCriticalSection
SetSystemTime
GlobalFree
VirtualAlloc
GetThreadSelectorEntry
TlsFree
IsValidCodePage
WriteConsoleW
GetACP
GetVersionExA
LeaveCriticalSection
GetComputerNameA
FreeEnvironmentStringsW
FlushFileBuffers
HeapSize
GetLocaleInfoW
SetConsoleTitleW
SetStdHandle
FindFirstFileA
GetConsoleMode
LoadLibraryA
GetTimeZoneInformation
GetStringTypeW
GetStartupInfoW
MultiByteToWideChar
LCMapStringW
ReadFile
GetEnvironmentStringsW
VirtualProtectEx
IsValidLocale
InterlockedExchange
InterlockedIncrement
VirtualQuery
HeapCreate
EnumSystemLocalesA
InterlockedDecrement
CreateFileA
GlobalHandle
TerminateProcess
GetOEMCP
WriteConsoleA
GetProcAddress
GetConsoleCP
SetConsoleCtrlHandler
Sleep
OpenMutexA
WideCharToMultiByte
lstrcmp
GetTimeFormatA
GetCommandLineW
FreeLibrary
GetModuleFileNameA
VirtualFree
GetCommandLineA
LCMapStringA
GetCurrentThreadId
IsDebuggerPresent

Sections

.text
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5240de526c15f80479a6cfa2e152d04

Headers

File Characteristics

Imports

comdlg32

user32

comctl32

kernel32

Sections

.text Size: 365KB - Virtual size: 364KB

.rdata Size: 27KB - Virtual size: 31KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 365KB - Virtual size: 364KB

.rdata
Size: 27KB - Virtual size: 31KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 9KB - Virtual size: 9KB