3729a14be6b3a92265cf6d8e14c79abe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3729a14be6b3a92265cf6d8e14c79abe_JaffaCakes118
Size

715KB
MD5

3729a14be6b3a92265cf6d8e14c79abe
SHA1

5c5ec0b5112a74a95edc23ef093792eb3698320e
SHA256

64e3a2bba82027dd6ff631fa5890a7ba8331b62a0a4c0b1ca24d143c2b61c323
SHA512

5b6bcd5354d320825548b653f02763c4ba7048fcf3199f59d9722ca7c8adb77e62c473a50edde631899c417c4febf7b56536392aec070b9993197f4aaecba15d
SSDEEP

6144:TnEpURD51wpd4OtsAmcxKYpYXgZ3rHfVj:2El1wpd4OtspcxKYntj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3729a14be6b3a92265cf6d8e14c79abe_JaffaCakes118

Files

3729a14be6b3a92265cf6d8e14c79abe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d7e8a92960f653a0c74e16fd7680ae4d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
DestroyWindow
GetMessageA
RegisterClassExA
PostQuitMessage
LoadStringA
LoadIconA
BeginPaint
TranslateMessage
TranslateAcceleratorA
EndDialog
DefWindowProcA
LoadAcceleratorsA
DispatchMessageA
LoadCursorA
DialogBoxParamA

kernel32

TlsAlloc
CreateFileW
SetStdHandle
WriteConsoleW
CloseHandle
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
HeapReAlloc
RtlUnwind
LoadLibraryW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetLastError
HeapFree
IsProcessorFeaturePresent
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
GetLocaleInfoW
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 521KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7e8a92960f653a0c74e16fd7680ae4d

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 521KB - Virtual size: 2.8MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 521KB - Virtual size: 2.8MB

.rsrc
Size: 4KB - Virtual size: 3KB