38fd94630d87d433b3813f0fb033a096_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38fd94630d87d433b3813f0fb033a096_JaffaCakes118
Size

2.7MB
MD5

38fd94630d87d433b3813f0fb033a096
SHA1

977ed377e09ef584618e99cae99b406efc178eb0
SHA256

1b71d42b79648bf6ddf873ef67a2e001f337e6ae152d0c5714ef98f8f175e506
SHA512

d34149fba3135a2e9ff5d6668135987aefff624af586bf7cdec71b145f48bf4d7b14a0b43640462ac1a2757cb2c5cffd55d4ebf46a3a96058a7d6cedea412f13
SSDEEP

49152:Nvfrl6THGEXwqqgv+SappveRacY/W8yxlnkdKsJSu6JF7ucCbygZToghKOk:xfrUqgw96+dSa7/W7lkdKsJSFuFbFog+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38fd94630d87d433b3813f0fb033a096_JaffaCakes118

Files

38fd94630d87d433b3813f0fb033a096_JaffaCakes118
.exe windows:5 windows x86 arch:x86

adef86f30ac5eea7abf87aa35710ac10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
GetVersionExA
GetUserDefaultLangID
SetFileApisToANSI
IsBadWritePtr
GetLocaleInfoA
WaitForSingleObjectEx
GetTickCount
GetCurrentProcessId
CommConfigDialogA
GetComputerNameExA
FindFirstVolumeMountPointA
SetDefaultCommConfigA
SetConsoleHardwareState
WaitForMultipleObjectsEx
CloseHandle
GetLogicalDrives
GlobalDeleteAtom
VirtualAllocEx
WritePrivateProfileStructA
GetStringTypeA
GetVolumePathNameA
GetProcAddress
DuplicateHandle
GetSystemDefaultLangID
GetDriveTypeA
GetSystemTimes
GlobalSize
GlobalDeleteAtom
QueueUserWorkItem
ReplaceFileA
LZCopy
LoadResource
ReadConsoleInputA
GetVolumeNameForVolumeMountPointA
SetCurrentDirectoryA
LZInit
GetBinaryType
UnlockFile
OpenThread
HeapCompact
FreeResource
GetModuleFileNameA
WriteProfileStringA
GetTapeStatus
CreateMutexA
SetEnvironmentVariableA
GetThreadTimes
FindFirstChangeNotificationA
GetSystemTimes
GetFileAttributesExA
GetLastError
WriteProcessMemory
FlushConsoleInputBuffer
LZOpenFileA
GetComputerNameA
SearchPathA
FreeEnvironmentStringsA
GetLogicalDriveStringsA
SetProcessPriorityBoost
GetDevicePowerState
OpenSemaphoreA
SetThreadIdealProcessor
QueryPerformanceFrequency
SetLocaleInfoA
GetFileSizeEx
GetQueuedCompletionStatus
GetFileTime
CompareStringA
OpenJobObjectA

user32

RecordShutdownReason
GetNextDlgTabItem
CountClipboardFormats
GetCapture
GetTitleBarInfo
DeviceEventWorker
CharUpperA
SendNotifyMessageA
BlockInput
PaintMenuBar
GetCursorInfo
GetClassInfoExA
GetKeyboardLayoutNameA
GetClassNameA
DlgDirSelectExA
GetClipboardFormatNameA
GetWindowTextA
SetKeyboardState
CliImmSetHotKey
GetLayeredWindowAttributes
AdjustWindowRectEx
CreateMenu
DrawCaption
GetAltTabInfoA
LoadBitmapA
ChangeDisplaySettingsExA
UnregisterHotKey
LoadAcceleratorsA
EmptyClipboard
LoadImageA
ActivateKeyboardLayout
CharPrevExA
DefMDIChildProcA

version

GetFileVersionInfoA

comdlg32

GetFileTitleA

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 17.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adef86f30ac5eea7abf87aa35710ac10

Headers

File Characteristics

Imports

kernel32

user32

version

comdlg32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.idata Size: 3KB - Virtual size: 17.9MB

.rsrc Size: 127KB - Virtual size: 126KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.idata
Size: 3KB - Virtual size: 17.9MB

.rsrc
Size: 127KB - Virtual size: 126KB