3abe18773653396a33c7809916999764_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3abe18773653396a33c7809916999764_JaffaCakes118
Size

53KB
MD5

3abe18773653396a33c7809916999764
SHA1

4d294622bde09c68d2e09c0649d5bd1d0cd12693
SHA256

d6e49afd8af932f63b0e9e89972619edc89e4456dd716db6ff64101f134ed8a6
SHA512

a76803f01708a6c52d08626a48380ba87585bd9ea8da128efb730b4d7d2c66b3e4667f282a836c84763a6504888ba8d34593e9194de0c806506ac6ad439b6ba7
SSDEEP

1536:VOUOsa++Lie/OBN+dug0LtwUBC7X82ST:V+zLEBEduzLiU47v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3abe18773653396a33c7809916999764_JaffaCakes118

Files

3abe18773653396a33c7809916999764_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1ada6ec9c946ddd20155056c6fd44670

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
FindClose
CreateProcessW
GetTimeZoneInformation
GetComputerNameW
lstrcpyW
GlobalLock
GetFileSizeEx
GlobalUnlock
ReadFile
IsBadReadPtr
GetExitCodeProcess
GetModuleHandleA
lstrcatA
GetTickCount
CreateMutexW
GetCommandLineA
LeaveCriticalSection
DisconnectNamedPipe
CreateDirectoryW
MultiByteToWideChar
GetFileSize
GetSystemTime
GetModuleFileNameW
WaitForSingleObject
CreateFileW
MoveFileExW
GetProcessHeap
GetLastError
HeapFree
lstrcatW
HeapAlloc
lstrcmpiW
SetFileTime
lstrlenW
UnmapViewOfFile
WriteProcessMemory
GetProcessTimes
WriteFile
CreateFileMappingW
ResetEvent
GetLogicalDrives
HeapReAlloc
lstrcmpiA
SetFilePointer
FindNextFileW
CopyFileW
SetFileAttributesW
EnterCriticalSection
OpenProcess
OpenMutexW
GetTempPathW
GetLocalTime
GetCurrentProcessId
CloseHandle
SetThreadPriority
GetSystemTimeAsFileTime
GetCurrentThreadId
SystemTimeToFileTime
MapViewOfFile
WideCharToMultiByte
InitializeCriticalSection
ExpandEnvironmentStringsW
GetUserDefaultUILanguage
lstrlenA
SetEndOfFile
GetVersionExW
FlushFileBuffers
Sleep
SetEvent
GetTempFileNameW
GetModuleFileNameA
lstrcpyA
CreateEventW
ReleaseMutex
FindFirstFileW
GetThreadPriority
DeleteFileW
FindResourceW
lstrcpynW
GetDriveTypeW
GetFileTime
CreateThread

user32

DispatchMessageW
FindWindowExW
MsgWaitForMultipleObjects
GetMessageW
GetDlgItem
GetDlgItemTextW
SendMessageW
CharLowerBuffA

Sections

.hyz
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbmx
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vojot
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.job
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ada6ec9c946ddd20155056c6fd44670

Headers

File Characteristics

Imports

kernel32

user32

Sections

.hyz Size: 18KB - Virtual size: 39KB

.sbmx Size: 5KB - Virtual size: 10KB

.vojot Size: 1024B - Virtual size: 1KB

.job Size: 26KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.hyz
Size: 18KB - Virtual size: 39KB

.sbmx
Size: 5KB - Virtual size: 10KB

.vojot
Size: 1024B - Virtual size: 1KB

.job
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB