386f37a3b2adc218917edec0aa549965_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

386f37a3b2adc218917edec0aa549965_JaffaCakes118
Size

419KB
MD5

386f37a3b2adc218917edec0aa549965
SHA1

6db03f1c4df61a1e4729cb2ebcd7a0ba05933234
SHA256

1d9b2035e1d42c4359e6694107ca1d7a36b0e0cfae24235c35307f0ac92e841b
SHA512

e1d2dc7362261f173e8cda800b4cd6049442c40a5f7bb2d64fd657bcee4f7d425cadbdde381e1e9fa9ab9493c8b580789fa6908e4da0e910c3ae53f8b6d058bb
SSDEEP

12288:MFwqOizpUPIF5hDh/hqarMe4HBzjL67RzsIZt:dqOizpUPYhDhXCzjC1VZt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386f37a3b2adc218917edec0aa549965_JaffaCakes118

Files

386f37a3b2adc218917edec0aa549965_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e211e0e2f4c3d80dadd90110e62d5ef8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetFileType
TlsGetValue
GetDateFormatA
RtlUnwind
LCMapStringA
GetCurrentThread
GetCurrentProcess
InterlockedDecrement
VirtualAlloc
VirtualFree
TlsAlloc
HeapReAlloc
HeapCreate
EnterCriticalSection
GetVersionExA
GetProcessHeap
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
IsValidLocale
ExitProcess
GetTimeFormatA
IsValidCodePage
MultiByteToWideChar
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
InterlockedIncrement
GetOEMCP
SetHandleCount
QueryPerformanceCounter
DeleteCriticalSection
SetUnhandledExceptionFilter
GetACP
VirtualQuery
GetCurrentThreadId
GetLocaleInfoW
HeapAlloc
HeapSize
HeapFree
CompareStringA
WideCharToMultiByte
GetCurrentProcessId
GetCommandLineA
LCMapStringW
IsDebuggerPresent
ResumeThread
SetEnvironmentVariableA
GetLocaleInfoA
GetTimeZoneInformation
LeaveCriticalSection
GetStartupInfoA
Sleep
TlsSetValue
FreeEnvironmentStringsA
GetEnvironmentStrings
GetModuleHandleA
EnumSystemLocalesA
GetStringTypeW
GetCPInfo
CompareStringW
WriteFile
FreeLibrary
FreeEnvironmentStringsW
GetLastError
SetConsoleCtrlHandler
GetProcAddress
GetUserDefaultLCID
HeapDestroy
GetEnvironmentStringsW
TlsFree
InterlockedExchange
SetLastError
TerminateProcess
InitializeCriticalSection

user32

TileChildWindows
CreateAcceleratorTableA
OffsetRect
SendNotifyMessageA
CharToOemW
OpenWindowStationW
ImpersonateDdeClientWindow
InSendMessage
GetKeyboardLayout
SetCapture
DdeGetData
GetKeyNameTextW
SetShellWindow
GetInputDesktop
EnumDisplaySettingsExA
PeekMessageW
CharLowerA
CreateMDIWindowA
GetMenuItemInfoW
SendMessageTimeoutA
OemToCharBuffA
ToUnicode

advapi32

RegFlushKey
GetUserNameW
DuplicateToken
CryptGetDefaultProviderA
LogonUserA
RegDeleteKeyW
RegDeleteValueW
LookupSecurityDescriptorPartsW
LookupPrivilegeValueW
RegLoadKeyA
LookupAccountSidW
RegEnumValueW
RegDeleteValueA
CryptEnumProviderTypesA
CryptGetKeyParam
CryptSetProviderExW

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e211e0e2f4c3d80dadd90110e62d5ef8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 274KB - Virtual size: 274KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 274KB - Virtual size: 274KB

.rsrc
Size: 7KB - Virtual size: 7KB