386611f58fb590936c45d5bb2ad7edf8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

386611f58fb590936c45d5bb2ad7edf8_JaffaCakes118
Size

84KB
MD5

386611f58fb590936c45d5bb2ad7edf8
SHA1

b7b326607306f567edd221943b5efa1b1b9c3f3e
SHA256

9832103568cd7ca9a34ef920cd6adb9075d49e1086621c13cc56cdfc3d94f761
SHA512

0dd08a7a7ec3d7b7eee33d5e3a3f556c0cfd74719495a3b14f73a8cc8a674e924dae707f2046daafacc02d6405df699c6ce15ca2c21bcbfa8932f8c56b87a7d6
SSDEEP

768:D4iP5HWSrFYFg6gK5+rOFkI0wlOzacPhv50mpvv8AEuZ2O6WLZlNS8r3t1AH0:MiP5HWSmFgikknlTc5Gmpv8y3Xbt1g0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386611f58fb590936c45d5bb2ad7edf8_JaffaCakes118

Files

386611f58fb590936c45d5bb2ad7edf8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b928159f0d4f3a5bb5204270fa88ec0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
GetModuleFileNameA
GetModuleHandleA
Sleep
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
CloseHandle
CreateProcessA
DeleteFileA
GetWindowsDirectoryA
LoadLibraryA
GetTickCount
CopyFileA
GetSystemDirectoryA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetProcAddress
GetComputerNameA
FreeLibrary
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RaiseException
ExitProcess
HeapAlloc
GetLastError
HeapFree
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
HeapReAlloc
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetOEMCP
HeapSize
SetFilePointer

user32

SetForegroundWindow
EnumChildWindows
CloseWindow
SendMessageA
GetForegroundWindow
GetWindowLongA
GetWindowTextA

advapi32

RegDeleteValueA
RegOpenKeyA

ole32

CoInitialize
CLSIDFromProgID
CoUninitialize
CoCreateInstance

oleaut32

VariantClear
SysAllocString
VariantInit
SysStringLen
SysFreeString

wininet

InternetGetConnectedState

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b928159f0d4f3a5bb5204270fa88ec0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 176B