715b18bfb50960c22e15ac46d68a81c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

715b18bfb50960c22e15ac46d68a81c5_JaffaCakes118
Size

552KB
MD5

715b18bfb50960c22e15ac46d68a81c5
SHA1

e10f7cb3f60576c2e08097e4ea51b32c3481060f
SHA256

499c7b83fe6aed0cecb41e7d0596d61d674320f23df054027f7093c47b485465
SHA512

2ea995a1636a8cd477a8685c7494c51a5af6c1751b91f918c1542877f1e192c474cda323159852325985fbe2c9780b61075f803aa9c503e2dce35a257f633b67
SSDEEP

12288:2Ec+6xpk07erOOvOo1kwuo1VcpU5+QfGo:92SyIOpwuo1EU5+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
715b18bfb50960c22e15ac46d68a81c5_JaffaCakes118

Files

715b18bfb50960c22e15ac46d68a81c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

041f66dbbda0bb7638232e343b791124

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyWindow
GetParent
EnableWindow
PeekMessageA
BeginPaint
DefWindowProcA
GetDlgItem
SystemParametersInfoA
IsWindowVisible
InvalidateRect
GetFocus

kernel32

UnhandledExceptionFilter
LCMapStringW
VirtualAlloc
CreateProcessW
UnmapViewOfFile
GetEnvironmentStrings
GetModuleHandleW
CloseHandle
ReadFile
SetFilePointer
InterlockedCompareExchange
GetCommandLineA
HeapSize
LockResource
GetCurrentProcessId
SizeofResource
VirtualFree
lstrlenW
GetConsoleCP
HeapCreate
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetProcAddress
FindNextFileA
ResetEvent
GetCurrentThreadId
WaitForMultipleObjects
GetStartupInfoW
GetWindowsDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
GetOEMCP
WriteConsoleW
InterlockedIncrement
GetVersion
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
ExitProcess
IsDebuggerPresent
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
SetStdHandle
SetErrorMode
LocalAlloc
GetCurrentProcess
FreeEnvironmentStringsA
HeapDestroy
WaitForSingleObject
GetConsoleOutputCP
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapFree
RtlUnwind
EnterCriticalSection
GetCPInfo
GetACP
LCMapStringA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

qwkkmk
Size: 464KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

iiikyu
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iqcoeie
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

041f66dbbda0bb7638232e343b791124

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 32KB - Virtual size: 29KB

qwkkmk Size: 464KB - Virtual size: 462KB

iiikyu Size: 24KB - Virtual size: 22KB

iqcoeie Size: 28KB - Virtual size: 24KB

.text
Size: 32KB - Virtual size: 29KB

qwkkmk
Size: 464KB - Virtual size: 462KB

iiikyu
Size: 24KB - Virtual size: 22KB

iqcoeie
Size: 28KB - Virtual size: 24KB