4797668893c1d7fc748dd7908a7ef00f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4797668893c1d7fc748dd7908a7ef00f_JaffaCakes118
Size

543KB
MD5

4797668893c1d7fc748dd7908a7ef00f
SHA1

7a02518a5eba15b27e7ce1fda7ba48e98196dc8f
SHA256

28f29dc541176f3ccef9f13db0cf94e7a18737b046f0e702723af20491d94f21
SHA512

e16d162f5b59e810aefddc4971959b0b0e9cba6b8069463c40959a53a2a17c25e2e6f9e20cae2c123985c394c01b2db034073cc0d4f8c2ee416e80d4742528b4
SSDEEP

12288:3qB3L98rgl8gH/AuCNZ/CIsXJaZ4XGr6AJOPsUJ2Ck:3Ix8sjAuCNZDZ4XY6kUJ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4797668893c1d7fc748dd7908a7ef00f_JaffaCakes118

Files

4797668893c1d7fc748dd7908a7ef00f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39e0dc7b84a1333ee5add4a8f24aa644

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
RegisterClassExA
SetUserObjectInformationW

kernel32

GetCPInfo
EnterCriticalSection
InterlockedExchange
WriteFile
GetLastError
GlobalHandle
VirtualAlloc
GetLocalTime
HeapCreate
GetStringTypeA
FlushFileBuffers
LCMapStringA
InterlockedDecrement
VirtualQuery
HeapReAlloc
GetCurrentThread
CompareStringW
OutputDebugStringW
GetACP
GetModuleHandleA
CompareStringA
WriteFileEx
InitializeCriticalSection
WaitForSingleObjectEx
GetSystemDefaultLangID
GetStringTypeExW
UnhandledExceptionFilter
GetStringTypeW
GetConsoleCursorInfo
GetTimeZoneInformation
GetSystemTime
LCMapStringW
SetFilePointer
GetFullPathNameW
LoadLibraryA
GlobalLock
SetHandleCount
CreateMutexA
TlsGetValue
MultiByteToWideChar
SetEnvironmentVariableW
FreeEnvironmentStringsA
TlsFree
RtlMoveMemory
CreateDirectoryExA
GetCurrencyFormatW
CloseHandle
GetVersion
GetCurrentThreadId
InterlockedIncrement
GetConsoleOutputCP
GetCommandLineW
GetCommandLineA
GetSystemDirectoryA
RtlUnwind
GetModuleFileNameW
GetCalendarInfoA
GetTickCount
TlsSetValue
GetStdHandle
FoldStringA
SetStdHandle
WideCharToMultiByte
GetCurrentProcess
HeapDestroy
SetEnvironmentVariableA
VirtualFree
OpenMutexA
ReadFile
GetFileType
GetSystemTimeAsFileTime
TerminateProcess
EnumCalendarInfoA
GetEnvironmentStrings
HeapAlloc
HeapFree
TlsAlloc
IsBadWritePtr
QueryPerformanceCounter
GetStartupInfoW
FreeEnvironmentStringsW
DosDateTimeToFileTime
GetTimeFormatW
GetPrivateProfileStructA
GetModuleFileNameA
GetWindowsDirectoryW
GetEnvironmentStringsW
GetProcAddress
DeleteCriticalSection
GetCurrentProcessId
SetLastError
GetStartupInfoA
LeaveCriticalSection
ExitProcess
UnlockFile

comctl32

InitCommonControlsEx
ImageList_Replace
ImageList_GetFlags
ImageList_DragLeave
CreateStatusWindowA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 251KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39e0dc7b84a1333ee5add4a8f24aa644

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 251KB - Virtual size: 265KB

.data Size: 114KB - Virtual size: 114KB

.rsrc Size: 56KB - Virtual size: 56KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 251KB - Virtual size: 265KB

.data
Size: 114KB - Virtual size: 114KB

.rsrc
Size: 56KB - Virtual size: 56KB