65e8ff8a8a4b36c2eeaf185a00a58e68_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

65e8ff8a8a4b36c2eeaf185a00a58e68_JaffaCakes118
Size

29KB
MD5

65e8ff8a8a4b36c2eeaf185a00a58e68
SHA1

18a46949503bd24fb6460c9af8c9eb1ee705492b
SHA256

c149554deb5eb5255975ed0b45d02f226ee72733123b408d2a23ca6c501aaad3
SHA512

0ceeb69b8496d6129650f9808b391245665586ec8b43334f3a4334bd185c7b497c336bc8707177828c55df4e21189fea9ec9692fa34096c423f3724d0b927a9e
SSDEEP

384:t6A4ijsToSsMr3RoiaR0ORdj047WQ+xr2psf:54cSsMr3RoiaRHVWQsaWf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65e8ff8a8a4b36c2eeaf185a00a58e68_JaffaCakes118

Files

65e8ff8a8a4b36c2eeaf185a00a58e68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9afd526b9ffdca876fc63fdddb5b3f8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
TerminateProcess
GetProcAddress
CreateFileA
GetStartupInfoA
SetThreadPriority
lstrcatA
LoadLibraryA
CreateProcessW
FreeEnvironmentStringsA
GetCPInfo
GetLocaleInfoW
GetOEMCP
GetModuleFileNameW
GetEnvironmentStringsW
SizeofResource
HeapAlloc
GetStringTypeW
ResetEvent
GetCurrentProcess
GlobalUnlock
InterlockedExchange
LockResource
CreateMutexW
TlsSetValue
GetLastError
SetErrorMode
WideCharToMultiByte
LocalFree
FindFirstFileW
GetVersionExA
GetCurrentThread
WaitForSingleObject
GetTempPathA
GetCommandLineA
GetProcessHeap
GetCurrentThreadId
FindResourceW
SetEvent
TlsFree
GetACP
HeapCreate
GetComputerNameW
MulDiv
GetLocalTime
GetStdHandle
GetFileType
GetModuleHandleA
QueryPerformanceCounter
CompareStringW
InterlockedCompareExchange
SetThreadLocale
GetTickCount
Sleep
TlsAlloc
GetDriveTypeA
CopyFileW
VirtualProtect
DisableThreadLibraryCalls
DeleteFileA
CreateEventW
GetCurrentProcessId
GetFileSize
SetUnhandledExceptionFilter
InterlockedIncrement
UnhandledExceptionFilter
SetCurrentDirectoryA
UnmapViewOfFile
InitializeCriticalSection
GlobalFree
GetExitCodeProcess
CreateFileW
FreeLibrary
HeapDestroy
OpenMutexA
FlushInstructionCache
GlobalMemoryStatus
ExitProcess

msvcrt

strchr
_errno
_amsg_exit
exit
malloc
__dllonexit
atoi
__p__commode
_vsnprintf

user32

MsgWaitForMultipleObjects
SetDlgItemTextW
IsWindow
EndDialog
SetCursor
LoadStringW
GetDlgItem
EqualRect
GetClassInfoExW
RegisterWindowMessageW
GetWindowLongA
IsIconic
RegisterClipboardFormatW
DrawTextW
ValidateRect
SetFocus
ClientToScreen
SendMessageW
SetWindowTextW
IsDialogMessageA
MapWindowPoints
ScreenToClient

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9afd526b9ffdca876fc63fdddb5b3f8c

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 108KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 108KB

.rsrc
Size: 2KB - Virtual size: 2KB