3af7a54fef2b58d14b105cbdacec26ed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3af7a54fef2b58d14b105cbdacec26ed_JaffaCakes118
Size

544KB
MD5

3af7a54fef2b58d14b105cbdacec26ed
SHA1

61290645c0558808e09d9ebaa25f41fe087b823f
SHA256

7925e5620003e0795bb08e14bcb0881729a910a6238271ab1a063f3912c721de
SHA512

61956bfd8ebe7af7d0c2c957c77530c0f8e5765a6c8be8671eea5474a6d09531dabd31d947158ac9070e7c1eee32b9adc8e1065d3b3312268ee295810d36d041
SSDEEP

12288:02TO9unOHzQAeHIepV7BYuRXKFywmpiJEz:02C9uOTQAeH3VYuRYtJEz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af7a54fef2b58d14b105cbdacec26ed_JaffaCakes118

Files

3af7a54fef2b58d14b105cbdacec26ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9bdade9fcb2ac7ccd7aab65dcce692b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardLayoutNameA
RegisterClassA
InSendMessage
RegisterClassExA

comctl32

InitCommonControlsEx

kernel32

CreateMutexA
GetACP
TlsGetValue
HeapReAlloc
TlsSetValue
GetUserDefaultLCID
GetTimeFormatA
SetHandleCount
EnumSystemLocalesA
GetProcAddress
GetCurrentProcess
GetEnvironmentStringsW
LeaveCriticalSection
DebugBreak
LoadLibraryA
CompareStringA
SetLastError
UnlockFileEx
IsBadReadPtr
lstrlenW
CommConfigDialogA
HeapDestroy
DeleteCriticalSection
GetCPInfo
HeapValidate
OpenMutexW
GetVersionExA
InterlockedExchange
OutputDebugStringA
FlushFileBuffers
GetLogicalDrives
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetStringTypeW
GetCurrentThread
TlsFree
GetMailslotInfo
GetStdHandle
GetTickCount
VirtualQuery
GetStringTypeA
ContinueDebugEvent
SetConsoleCtrlHandler
IsValidCodePage
InterlockedIncrement
IsBadWritePtr
IsValidLocale
GetModuleHandleA
VirtualFree
OpenMutexA
GetCurrentThreadId
RtlUnwind
TerminateProcess
InterlockedDecrement
ExitProcess
EnterCriticalSection
GetFileType
HeapFree
GetSystemInfo
LCMapStringA
CloseHandle
GetTimeZoneInformation
GetEnvironmentStrings
GetCommandLineA
HeapAlloc
GetCurrentProcessId
WriteFile
LCMapStringW
WideCharToMultiByte
UnhandledExceptionFilter
TlsAlloc
GetOEMCP
GetLocaleInfoW
CompareStringW
FreeEnvironmentStringsW
GetStartupInfoA
VirtualProtect
InitializeCriticalSection
GetDateFormatA
FreeEnvironmentStringsA
GetModuleFileNameA
VirtualAlloc
GetWindowsDirectoryW
SetFilePointer
GetLocaleInfoA
ReadFile
SetStdHandle
MultiByteToWideChar
FillConsoleOutputAttribute
QueryPerformanceCounter
GetLastError
SetConsoleActiveScreenBuffer
LocalFree
HeapCreate

Sections

.text
Size: 389KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bdade9fcb2ac7ccd7aab65dcce692b0

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 389KB - Virtual size: 388KB

.rdata Size: 21KB - Virtual size: 46KB

.data Size: 114KB - Virtual size: 114KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 389KB - Virtual size: 388KB

.rdata
Size: 21KB - Virtual size: 46KB

.data
Size: 114KB - Virtual size: 114KB

.rsrc
Size: 18KB - Virtual size: 18KB