4aa06a10c932216cc3cad61351e3abf0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4aa06a10c932216cc3cad61351e3abf0_JaffaCakes118
Size

450KB
MD5

4aa06a10c932216cc3cad61351e3abf0
SHA1

29c5d85704a192c4837ae20ce7f5d132bb2d281f
SHA256

c1b282069061c648806b1f6ca353a21ab111c43a7d564f9af2e5a0a40f3d6b04
SHA512

f07a27421a5efa5dd6fc038f98a7467257ef828ca4b41441572ad5cb237cfc89864fa3971786cb3aea79164d59b559bdc9010e814b846528975ff6b1e0d1b894
SSDEEP

12288:RVdirFyfn/6e50JWubLwfT0ii4IeTcwv:KQv30JW0LwfAiiveQu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aa06a10c932216cc3cad61351e3abf0_JaffaCakes118

Files

4aa06a10c932216cc3cad61351e3abf0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55f2ae86b89792f862909c334cb28ea8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetCommandLineA
SetEnvironmentVariableA
FreeLibrary
RtlUnwind
HeapSize
FreeEnvironmentStringsW
GetCurrentProcess
GetTimeFormatA
VirtualAlloc
SetUnhandledExceptionFilter
MultiByteToWideChar
HeapReAlloc
GetStartupInfoW
GetTimeZoneInformation
GetStartupInfoA
GetEnvironmentStringsW
SetLastError
GetModuleFileNameA
GetLastError
HeapDestroy
ExitProcess
GetModuleFileNameW
HeapCreate
InterlockedIncrement
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetEnvironmentStrings
IsValidLocale
QueryPerformanceCounter
GetConsoleTitleW
TlsGetValue
EnterCriticalSection
TlsFree
WideCharToMultiByte
GetDateFormatA
HeapAlloc
GetStringTypeA
HeapFree
RemoveDirectoryA
Sleep
GetCurrentProcessId
FreeEnvironmentStringsA
InitializeCriticalSection
GetVersionExA
UnhandledExceptionFilter
IsValidCodePage
GetCurrentThread
GetOEMCP
InterlockedDecrement
GetFileType
LeaveCriticalSection
TlsSetValue
CompareStringA
GetACP
GetModuleHandleA
EnumTimeFormatsA
GetLocaleInfoW
EnumSystemLocalesA
GetCurrentDirectoryW
TlsAlloc
DeleteCriticalSection
CompareStringW
GetCommandLineW
IsDebuggerPresent
GetProcAddress
GetProcessHeap
GetStdHandle
GetCPInfo
SetConsoleCtrlHandler
InterlockedExchange
LCMapStringA
TerminateProcess
GetStringTypeW
VirtualQuery
WriteFile
VirtualFree
CreateEventW
SetHandleCount
GetCurrentThreadId
LCMapStringW

user32

DdeQueryStringA
GetClipboardFormatNameW
GetScrollInfo
GetCursor
ToAscii
SetCaretPos
LoadBitmapA
wvsprintfA
TranslateAcceleratorA
MonitorFromPoint
GetScrollRange
UnhookWinEvent
CharToOemBuffW
DdeDisconnectList
GetKeyboardLayoutNameW
RegisterWindowMessageA
GetGuiResources
UnhookWindowsHook
InsertMenuItemA
SetUserObjectInformationW

shell32

ExtractAssociatedIconA
SHLoadInProc
ShellExecuteEx
DragQueryFileW
SHBrowseForFolderW
DoEnvironmentSubstA
SHGetFileInfo

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55f2ae86b89792f862909c334cb28ea8

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 167KB - Virtual size: 167KB

.data Size: 276KB - Virtual size: 288KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 167KB - Virtual size: 167KB

.data
Size: 276KB - Virtual size: 288KB

.rsrc
Size: 6KB - Virtual size: 5KB