4aaebff02095bb9f9a10a5e1b6a67321_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4aaebff02095bb9f9a10a5e1b6a67321_JaffaCakes118
Size

195KB
MD5

4aaebff02095bb9f9a10a5e1b6a67321
SHA1

08e19dd60b4f44b57b5f31c5ffa413523ea2b89f
SHA256

6fa1ea8d12f7084a01b41154b317c9242a8f0280e9e5cffde7955530b931df02
SHA512

282492d468de7c6e8ca1a72092d51077bddc72660000d8cb25243548f37350f7602a6c322dc75c877a9dfe26e9d2dc39bf301f3f37e425aa4b121e3f3a17398b
SSDEEP

6144:SP8m2FfFIQvp/J4GrDVUfi7C33yaiF9w:cszjvDDGfiMe9w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aaebff02095bb9f9a10a5e1b6a67321_JaffaCakes118

Files

4aaebff02095bb9f9a10a5e1b6a67321_JaffaCakes118
.exe windows:5 windows x86 arch:x86

614e0db9743bbb556cfbbcdeb7d0695f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
EnumSystemLocalesA
VirtualFree
WaitForSingleObject
UnhandledExceptionFilter
CloseHandle
LCMapStringW
QueryPerformanceCounter
GetSystemTimeAsFileTime
TlsGetValue
GetStringTypeW
CreateFileW
GetFileInformationByHandle
GetTickCount
ResetEvent
FileTimeToSystemTime
TryEnterCriticalSection
HeapReAlloc
GetConsoleMode
Sleep
SetFilePointerEx
InterlockedDecrement
SetEnvironmentVariableW
GetCurrentDirectoryA
SetEvent
WriteConsoleW
GetTempPathA
EnterCriticalSection
VirtualAlloc
GetConsoleOutputCP
GetTempFileNameA
DeleteFileA
CreateToolhelp32Snapshot
GetACP
SetConsoleMode
PeekNamedPipe
HeapDestroy
GetSystemInfo
SetProcessAffinityMask
FindNextFileA

user32

RegisterClassExW
SetTimer
EnumChildWindows
DeferWindowPos
ClientToScreen
ShowCursor
FindWindowW
EnableWindow
GetUpdateRect
GetDoubleClickTime
MoveWindow
RegisterClassW
GetScrollInfo
SetCursorPos
GetWindowTextW
GetKeyboardState
DestroyCaret
KillTimer
MsgWaitForMultipleObjects
CloseDesktop
GetCapture
DrawIcon
EmptyClipboard
IsWindow
GetMessageExtraInfo
GetScrollRange
GetWindowPlacement
SetCaretPos
GetSysColor
GetKeyboardLayout
GetClipboardData
IsChild
SetWindowsHookExW
SetParent
SendMessageW
SetMessageQueue
GetUserObjectInformationW
SetWindowPos
CharUpperA
GetCaretPos
InvalidateRect
CharLowerBuffW
InvalidateRgn
EnumThreadWindows
PostQuitMessage
IsIconic
GetDC
RemoveMenu

ntdll

NtResumeThread
ZwQueryInformationProcess
RtlCompareMemory
RtlFreeUnicodeString
ZwQueryInformationPort
RtlExitUserThread
NtOpenJobObject
NtQueryValueKey
RtlAddAce

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

614e0db9743bbb556cfbbcdeb7d0695f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ntdll

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 46KB - Virtual size: 46KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 46KB - Virtual size: 46KB

.rsrc
Size: 2KB - Virtual size: 4KB