7078bf30971091a83673ff9fefc98595_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7078bf30971091a83673ff9fefc98595_JaffaCakes118
Size

602KB
MD5

7078bf30971091a83673ff9fefc98595
SHA1

4686da89bcb76f26473869749d158f1fbacb6c3a
SHA256

23b701b7cdfd161a076d4d1f08b81c7560287b8cebcc5afdf39515dfbc3530ba
SHA512

7b32368ad80c65e46f7bbffc2f359ce91bf3b0ebfc4251b3f927dd31433d0a1d056b91c5ec9cd12007b84fc4c79806a6a82c8ddb91fa9dd02316ddc8a137d8bf
SSDEEP

12288:rSf7C8kfejDZUa1lJL+Z2WmnlKZ+3JNZgtDKYeHGYe:rGC8kfejDaa/JLz7KC1gtDKYeZe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7078bf30971091a83673ff9fefc98595_JaffaCakes118

Files

7078bf30971091a83673ff9fefc98595_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9ffe0d0cc1ae331901150218f4a58f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
WriteConsoleA
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetACP
InterlockedIncrement
RemoveDirectoryW
EnumSystemLocalesA
VirtualFree
GetUserDefaultLCID
HeapDestroy
GetFileType
EnumSystemCodePagesA
GetStdHandle
WideCharToMultiByte
GetStartupInfoA
LeaveCriticalSection
GetOEMCP
GetCurrentProcessId
SetConsoleCtrlHandler
LCMapStringW
GetTimeFormatA
CompareStringW
HeapCreate
GetLocaleInfoW
ReadFile
HeapFree
GetLastError
GetCommandLineA
OpenMutexA
InitializeCriticalSection
IsValidCodePage
ExitProcess
AllocConsole
GetConsoleCP
TlsAlloc
GetProcessHeap
GetVersionExA
FreeEnvironmentStringsW
GetStringTypeA
GetModuleFileNameA
WriteConsoleOutputAttribute
VirtualAlloc
CreateMutexA
SetLastError
LCMapStringA
IsDebuggerPresent
TlsFree
SetHandleCount
GetProcAddress
GetCurrentThread
SetStdHandle
GetModuleHandleA
InterlockedExchange
DeleteCriticalSection
GetEnvironmentStrings
QueryPerformanceCounter
SetUnhandledExceptionFilter
MultiByteToWideChar
VirtualQuery
InterlockedDecrement
IsValidLocale
CompareStringA
HeapReAlloc
GetTickCount
HeapSize
Sleep
GetConsoleOutputCP
GetConsoleMode
GetDateFormatA
FindResourceExA
GetCurrentProcess
CreateFileA
UnhandledExceptionFilter
GetStringTypeW
HeapAlloc
CloseHandle
GetSystemTimeAsFileTime
GetCurrentThreadId
TerminateProcess
GetLocaleInfoA
WriteConsoleW
SetEnvironmentVariableA
TlsGetValue
FreeLibrary
WriteFile
FlushFileBuffers
EnterCriticalSection
TlsSetValue
LoadLibraryA
RtlUnwind
GetCPInfo
GetTimeZoneInformation

comctl32

InitCommonControlsEx
ImageList_SetDragCursorImage
ImageList_AddIcon
_TrackMouseEvent
CreateToolbar
ImageList_GetFlags
ImageList_SetFilter
GetEffectiveClientRect
CreatePropertySheetPageA
ImageList_DrawIndirect
ImageList_Add
ImageList_SetOverlayImage
ImageList_SetImageCount
ImageList_SetBkColor
DestroyPropertySheetPage
ImageList_GetImageInfo
ImageList_Duplicate
ImageList_SetIconSize
DrawStatusTextW
ImageList_Create
ImageList_DrawEx
InitMUILanguage
CreateStatusWindowA

user32

DefWindowProcA
CreateWindowExA
RegisterClassA
DrawIconEx
SetDlgItemTextW
GetKeyboardState
DestroyWindow
UnhookWindowsHook
DrawTextW
RemovePropW
ShowWindow
CharPrevW
RegisterClassExA
MessageBoxW
OffsetRect
UnpackDDElParam

Sections

.text
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 207KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9ffe0d0cc1ae331901150218f4a58f7

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 238KB - Virtual size: 238KB

.rdata Size: 207KB - Virtual size: 227KB

.data Size: 114KB - Virtual size: 114KB

.rsrc Size: 41KB - Virtual size: 40KB

.text
Size: 238KB - Virtual size: 238KB

.rdata
Size: 207KB - Virtual size: 227KB

.data
Size: 114KB - Virtual size: 114KB

.rsrc
Size: 41KB - Virtual size: 40KB