4e0e89a9146b7263db0d779b410fc1f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4e0e89a9146b7263db0d779b410fc1f2_JaffaCakes118
Size

594KB
MD5

4e0e89a9146b7263db0d779b410fc1f2
SHA1

23a1d7cff735e74795bab833bce1d2b2c049b275
SHA256

c3b32660a4928c8c18ae62e66c00cd3e1c5ea1b940f11ef91483a6308986cfb2
SHA512

06a2adab2dc3a0042c04d86939a43a409cac2db228a839eecc86f455116454c6791278f0c56ebebdb375a9af9f49da2c8182996125eb69a8df64a9f2efabf7ce
SSDEEP

12288:Fv/RFxLLnZBwWTEDp+eYmC8hZ0++bCJ7UTqwtwiw97T/yy2gDhwuEiU:Fvx3ZBwW4Dp+/B8hZ0+79SBuiw9KX2hw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e0e89a9146b7263db0d779b410fc1f2_JaffaCakes118

Files

4e0e89a9146b7263db0d779b410fc1f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0e1a146576a19fb154c5e7ae4888bc2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

WideCharToMultiByte
GetCurrentThreadId
IsValidCodePage
GetTimeZoneInformation
RtlUnwind
DeleteCriticalSection
LeaveCriticalSection
GetCommandLineA
UnhandledExceptionFilter
GetVersionExA
GetFileType
GetModuleFileNameA
GetStringTypeW
CompareStringA
QueryPerformanceCounter
TerminateProcess
CreateMutexA
SetStdHandle
CompareFileTime
TlsGetValue
TlsFree
EnterCriticalSection
SetFilePointer
TlsSetValue
FlushFileBuffers
ReadFile
VirtualQuery
HeapReAlloc
VirtualFree
GetModuleHandleA
SleepEx
TlsAlloc
IsBadWritePtr
CloseHandle
HeapCreate
SetLastError
GetStringTypeA
OpenMutexA
ExitProcess
GetEnvironmentStrings
GetCPInfo
GetLastError
GetEnvironmentVariableW
GetDateFormatA
GetProcAddress
GetStdHandle
SetHandleCount
HeapDestroy
GetSystemTimeAsFileTime
GetStartupInfoA
GetUserDefaultLCID
LCMapStringA
GetLocaleInfoW
MultiByteToWideChar
GetCurrentProcessId
InitializeCriticalSection
GetACP
GetTickCount
HeapSize
CompareStringW
HeapFree
GetSystemInfo
GetCurrentProcess
GetTimeFormatA
HeapAlloc
FreeEnvironmentStringsA
SetEnvironmentVariableA
VirtualAlloc
LCMapStringW
EnumSystemLocalesA
VirtualProtect
GetCurrentThread
IsValidLocale
FreeEnvironmentStringsW
InterlockedExchange
WriteFile
LoadLibraryA
GetEnvironmentStringsW
GetLocaleInfoA
GetOEMCP

user32

SetWindowPlacement
DestroyMenu
CloseWindow
SetWindowsHookW
MapVirtualKeyExA
GetAncestor
CharPrevExA
DdeFreeDataHandle
WinHelpA
MonitorFromRect
PostThreadMessageW
RegisterClassExA
OpenWindowStationA
ImpersonateDdeClientWindow
RegisterClassA

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0e1a146576a19fb154c5e7ae4888bc2

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 261KB - Virtual size: 261KB

.rdata Size: 7KB - Virtual size: 29KB

.data Size: 317KB - Virtual size: 317KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 261KB - Virtual size: 261KB

.rdata
Size: 7KB - Virtual size: 29KB

.data
Size: 317KB - Virtual size: 317KB

.rsrc
Size: 6KB - Virtual size: 6KB