481ab2d11a995ebc57225b16a30ec80c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

481ab2d11a995ebc57225b16a30ec80c_JaffaCakes118
Size

114KB
MD5

481ab2d11a995ebc57225b16a30ec80c
SHA1

27a0205688727082150e8dce7e4a2a41deae6912
SHA256

669b53fa4fb2b2efb29b3f2ccb6e3e2a917a41786cf3e551d9dfac42c7ad559e
SHA512

71650436884a45c0a5f5c9ce90510671ded396a5fb9736a2d3bb85ba8e17841a35dcb69188226d6ed0f3c33b28ee91d61d9e47bcaacf08920b0165adcc0ab565
SSDEEP

1536:1sIgBJQ4HpOJ5dwErCpH026ZCb4r3PCcrXu3tucOSIL7t+M7h+cKrwU0r:m8cuwHyZCb4zPrXUtudzHF+cKUU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
481ab2d11a995ebc57225b16a30ec80c_JaffaCakes118

Files

481ab2d11a995ebc57225b16a30ec80c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e1ac076a3d75d3c777fff171e3af116

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
SetErrorMode
GlobalFree
GlobalAlloc
QueryPerformanceFrequency
HeapValidate
HeapCompact
GetLocalTime
CreateFileA
HeapFree
HeapAlloc
WriteConsoleW
lstrcmpA
LCMapStringA
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
SetFilePointer
GetCurrentProcess
TerminateProcess
WriteFile
CloseHandle
ReadFile
GetLastError
LCMapStringW
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

SetWindowsHookExA
SendMessageA
DestroyWindow
SystemParametersInfoA
FrameRect
ClientToScreen
RegisterClassExA
GetWindowTextLengthA
SetForegroundWindow
CheckRadioButton
SendDlgItemMessageA
FillRect
TrackPopupMenu
DrawFrameControl
PostMessageA
SetClipboardData
IsDialogMessageA
GetActiveWindow
AppendMenuA
GetClipboardData

ole32

CoTaskMemFree
CoUninitialize
CoSuspendClassObjects
StgCreateDocfile
CoInitialize
OleCreate
CoTaskMemAlloc

ws2_32

WSACloseEvent
WSAAddressToStringA
WSAConnect

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e1ac076a3d75d3c777fff171e3af116

Headers

File Characteristics

Imports

kernel32

user32

ole32

ws2_32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 44KB - Virtual size: 1.1MB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 44KB - Virtual size: 1.1MB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 2KB - Virtual size: 1KB