428545130a788a9c6066fef32993a578_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

428545130a788a9c6066fef32993a578_JaffaCakes118
Size

453KB
MD5

428545130a788a9c6066fef32993a578
SHA1

5130e3886f8c6fdd23cf9d6f6c7ef99c472c1209
SHA256

62da1f879d590c0cf092ab5ff91e5e1902410a6c7b973a0ec8e3415aaef99997
SHA512

2d7f9bb8beb33e9a8a59bb345b41ea03f4e72eee4d712c347c8a208c675712ed6ce6b30b0adf8315a5c158f4955a399da04cc8de9f6f95aebaca7f84af78571e
SSDEEP

12288:6BWa4iMjsxNdSUCnqdzdvXXX8j29gEI1a44paexAnmcJUX:ebjMj4NdanqdzdvXXX88z0wAn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
428545130a788a9c6066fef32993a578_JaffaCakes118

Files

428545130a788a9c6066fef32993a578_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1208829e81b8700a177890fdec360998

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugBreak
GetThreadSelectorEntry
GetTimeZoneInformation
SetHandleCount
RtlUnwind
GetLastError
GetProfileStringA
GetCurrentProcess
GetCurrentThread
VirtualAlloc
HeapCreate
GetSystemInfo
HeapReAlloc
FreeEnvironmentStringsW
VirtualFreeEx
FreeEnvironmentStringsA
CloseHandle
TlsGetValue
GetModuleFileNameA
CompareStringW
VirtualProtect
TlsFree
EnterCriticalSection
GetEnvironmentStringsW
SetStdHandle
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetDateFormatA
LockFileEx
GetStartupInfoW
QueryPerformanceCounter
LCMapStringA
InterlockedDecrement
TlsSetValue
InitializeCriticalSection
IsValidCodePage
GetFileAttributesA
HeapAlloc
GetCPInfo
HeapFree
GetCommandLineW
SetEnvironmentVariableA
GetCurrentProcessId
GetVersionExW
GetLocaleInfoA
SetFilePointer
IsBadReadPtr
GetStartupInfoA
WriteConsoleOutputA
EnumSystemLocalesA
GetLocaleInfoW
CompareStringA
MultiByteToWideChar
InterlockedIncrement
OpenFile
lstrcatA
SetConsoleCtrlHandler
OutputDebugStringA
LeaveCriticalSection
GlobalUnlock
GetConsoleTitleW
HeapValidate
TlsAlloc
FillConsoleOutputCharacterW
MapViewOfFile
GetOEMCP
GetProcAddress
FlushFileBuffers
GetACP
Sleep
GetTimeFormatA
InterlockedExchange
UnhandledExceptionFilter
LCMapStringW
GetCommandLineA
VirtualQuery
IsValidLocale
IsBadWritePtr
SetLastError
GetUserDefaultLCID
GetCurrentThreadId
GetStringTypeA
GlobalAlloc
TerminateProcess
DeleteCriticalSection
GetStringTypeW
WriteFile
VirtualFree
HeapDestroy
GetEnvironmentStrings
GetModuleFileNameW
GetSystemDirectoryA
ExitProcess
GetVersionExA
WideCharToMultiByte
GetStdHandle
GetModuleHandleA
GetFileType
GetCurrentDirectoryW

shell32

RealShellExecuteExW
SHGetFileInfo
SHBrowseForFolderA
SHGetSpecialFolderPathA
SHGetDataFromIDListW
ShellExecuteW
ShellAboutW
ExtractAssociatedIconExA
ShellHookProc
SHFormatDrive
SHEmptyRecycleBinW
DoEnvironmentSubstW

comdlg32

GetSaveFileNameA
ChooseColorW
GetFileTitleA
GetFileTitleW
ChooseColorA
GetOpenFileNameW
FindTextW
ChooseFontA
ChooseFontW
LoadAlterBitmap
ReplaceTextA
GetSaveFileNameW
PageSetupDlgA
FindTextA

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1208829e81b8700a177890fdec360998

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

Sections

.text Size: 159KB - Virtual size: 159KB

.data Size: 280KB - Virtual size: 307KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 159KB - Virtual size: 159KB

.data
Size: 280KB - Virtual size: 307KB

.rsrc
Size: 12KB - Virtual size: 11KB