38616705a0e1a8d719da6b1a35e755c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38616705a0e1a8d719da6b1a35e755c5_JaffaCakes118
Size

458KB
MD5

38616705a0e1a8d719da6b1a35e755c5
SHA1

31260b4ce67bcb035f6f12e061904b645d6d6f14
SHA256

9e1a2dea122ac2932d54575df01f56d71e2ffc3d862f0f5b7eb3d55ed9d716f2
SHA512

6c00afd16d3c4c2b30d40c8d4edad0a70be8eefb6e896e956c43dea98605110bc3374543bcda3843542476e0470e856a244d0ac4dd52cb722b2bdb4424fe7b6a
SSDEEP

6144:YlQIIx/TqnZpnI3Jp3MwEqCBP3KcJ6PjB4XLhXg+lxMignKMJFmzeLkDJ+US9RuR:YlGqnZ+CBP3KNV4tmn8Dl8EMaeK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38616705a0e1a8d719da6b1a35e755c5_JaffaCakes118

Files

38616705a0e1a8d719da6b1a35e755c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9f5c0c74aa4b177b9fd45f26cd2a5b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\

Imports

user32

RegisterClassA
ChildWindowFromPointEx
SendMessageW
DefMDIChildProcA
CharLowerBuffA
CloseDesktop
RegisterClassExA
SetTimer
GetClipboardOwner
RegisterHotKey
ClipCursor
SetMessageQueue
LoadStringA
RemovePropW
LoadMenuIndirectW
SetWindowTextA
DlgDirSelectExW
SetWinEventHook

kernel32

CreateMutexA
FlushFileBuffers
GetModuleHandleA
VirtualAlloc
VirtualFree
LeaveCriticalSection
SetFilePointer
CreatePipe
InterlockedIncrement
InitializeCriticalSection
GetCurrentProcess
TlsFree
SetEnvironmentVariableA
InterlockedDecrement
GetCommandLineW
TlsSetValue
GetCurrentThread
GetProcAddress
GetStartupInfoA
FreeEnvironmentStringsW
LocalFlags
HeapAlloc
GetSystemTimeAsFileTime
MultiByteToWideChar
TlsGetValue
HeapDestroy
SetLocalTime
SetLastError
GetLocalTime
LCMapStringA
GetStartupInfoW
HeapReAlloc
IsBadWritePtr
LCMapStringW
OpenMutexA
GetModuleFileNameA
DeleteCriticalSection
HeapCreate
VirtualQuery
GetConsoleTitleW
InterlockedExchange
GetCurrentThreadId
ExitProcess
EnterCriticalSection
GetCommandLineA
RtlUnwind
GetAtomNameW
GetComputerNameA
GetTickCount
GetTimeZoneInformation
GetEnvironmentStrings
GetEnvironmentStringsW
OpenFileMappingA
GetStringTypeW
GetVersion
QueryPerformanceCounter
CompareStringA
CloseHandle
GetCurrentProcessId
WideCharToMultiByte
GetModuleFileNameW
GetCPInfo
SetHandleCount
WriteConsoleOutputAttribute
LoadLibraryA
UnhandledExceptionFilter
GetSystemTime
ReadFile
GetStringTypeA
HeapFree
CompareStringW
SetStdHandle
GetLastError
FreeEnvironmentStringsA
WriteFile
GetFileType
TerminateProcess
GetStdHandle
TlsAlloc

comctl32

InitCommonControlsEx

Sections

.text
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9f5c0c74aa4b177b9fd45f26cd2a5b4

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 298KB - Virtual size: 297KB

.rdata Size: 40KB - Virtual size: 46KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 298KB - Virtual size: 297KB

.rdata
Size: 40KB - Virtual size: 46KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 17KB - Virtual size: 16KB