43b6653377780ca09de4aed0735aa50f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43b6653377780ca09de4aed0735aa50f_JaffaCakes118
Size

120KB
MD5

43b6653377780ca09de4aed0735aa50f
SHA1

ef15bafbac742efaf8694803695d09300a996d23
SHA256

8316181ff6a64cde655a018f9ff5ed00ef7444aba31e4235072ed438ea36902c
SHA512

fa875e5f6e36b8c7f683e7a1452d627c174ce13ed0555170e8a805534e3bc2d4228568d530308a9ac2ee097f86a858daa0443d5002a6884e0ab90aa61ea3ae61
SSDEEP

3072:diJG08htQbpL2R9TBTgjpUogMV+r3EbDlH6n:4G08RRdBdMUr3q96

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43b6653377780ca09de4aed0735aa50f_JaffaCakes118

Files

43b6653377780ca09de4aed0735aa50f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

617b435ad97d93ffc24c15f9e56d2079

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\awyvXntLz\nuitNxv\nmIPWYre.pdb

Imports

shell32

ord3
ord10
ord73

kernel32

SetThreadPriority
LocalLock
GetFullPathNameA
GetLastError
GetSystemTimeAdjustment
lstrcpynA
LoadLibraryExW
GlobalUnlock
SetWaitableTimer
SetUnhandledExceptionFilter
FindResourceW
CreateFileW
LCMapStringA
OpenSemaphoreW
FindFirstChangeNotificationW
HeapReAlloc
GetFileAttributesExW
WriteFile
EnumResourceNamesA
ResumeThread
ConvertDefaultLocale
GetAtomNameW
SetSystemTime
SetThreadAffinityMask
SetFileAttributesA
ClearCommError
SetHandleCount
RegisterWaitForSingleObject
SetFilePointer
PulseEvent
FileTimeToSystemTime
TlsSetValue
LocalFree
GlobalMemoryStatus
CreateRemoteThread
GetDateFormatW
GetSystemInfo
SetCommMask
GetModuleFileNameA
FormatMessageW
CompareStringA
GetVersion
lstrcpyA
RtlUnwind
GetAtomNameA
SetCurrentDirectoryA
GetCommandLineW
DisconnectNamedPipe
EnumSystemLocalesA
FreeLibrary
GetSystemTime
GetACP
IsValidLocale
GetFullPathNameW
AreFileApisANSI
GetLocalTime
GetSystemDefaultUILanguage
HeapUnlock
TransactNamedPipe
GetTimeFormatA
lstrcmpW
GetNumberFormatA
GetStdHandle
MoveFileW
GetCurrentThreadId
LocalUnlock
GlobalHandle
CopyFileW
CreateMailslotW
FormatMessageA
GetBinaryTypeA
WaitForSingleObjectEx
GetFileSize
HeapWalk
SizeofResource
HeapValidate
SetThreadLocale
HeapLock
MultiByteToWideChar
SetThreadContext
SetErrorMode
SetPriorityClass
SetThreadExecutionState
ReadFile
FindResourceExW
GetOverlappedResult
LocalSize
SetNamedPipeHandleState
GlobalSize
GetHandleInformation
GetThreadContext
CreateThread
GetLocaleInfoA
GetComputerNameExA
GlobalReAlloc
DuplicateHandle
FoldStringW
GetNumberFormatW
InitializeCriticalSection
SearchPathW
FindNextChangeNotification
DeviceIoControl
CallNamedPipeW
GetProcAddress
CreatePipe
GetSystemWindowsDirectoryA
GetWindowsDirectoryA
GetTempFileNameW
TerminateThread
GetCommState
GetSystemTimeAsFileTime
VirtualFree
OpenEventW
DeleteFileA
SearchPathA
IsBadCodePtr
FindClose
LoadLibraryW
OpenFile
lstrcpynW
LoadResource
DefineDosDeviceW
ConnectNamedPipe
lstrcmpiA
GetComputerNameW
UnlockFile
LocalReAlloc
lstrcmpA
LoadLibraryA
AddAtomW
GetSystemWindowsDirectoryW
SetHandleInformation
lstrcmpiW
EnumResourceNamesW
CreateNamedPipeA
GlobalGetAtomNameW
SetSystemTimeAdjustment
EnumResourceLanguagesA
CompareFileTime
RemoveDirectoryA
HeapCreate
IsBadReadPtr
SetCommBreak
GetCommConfig
GetModuleHandleA
UnmapViewOfFile
GetCommProperties
DeleteAtom
WaitCommEvent
IsDBCSLeadByte
HeapFree
GetFileAttributesA

Exports

Exports

?LoadBitmapAJUHdjhkddjkfguKHJ@@YGKPA_WK@Z

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_v
Size: - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

617b435ad97d93ffc24c15f9e56d2079

Headers

File Characteristics

PDB Paths

Imports

shell32

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.itext Size: 4KB - Virtual size: 4KB

.rdata Size: 1024B - Virtual size: 588B

.data Size: 2KB - Virtual size: 1KB

.data_v Size: - Virtual size: 89KB

.rsrc Size: 67KB - Virtual size: 67KB

.text
Size: 44KB - Virtual size: 44KB

.itext
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 588B

.data
Size: 2KB - Virtual size: 1KB

.data_v
Size: - Virtual size: 89KB

.rsrc
Size: 67KB - Virtual size: 67KB