7201d86b27cb98e022ba61be95b8b97e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7201d86b27cb98e022ba61be95b8b97e_JaffaCakes118
Size

691KB
MD5

7201d86b27cb98e022ba61be95b8b97e
SHA1

caa60f40a581c86c80115c2a26a8aee2c2964c2f
SHA256

257fc0dd16fe7880d4a571f180ab0e3252533619c035af352f115fa1dfb57635
SHA512

b307221daf5bca3f308e9c7d5fa67a4471062bf3e59292cdcab69a16e43a138415cda22047abe9cbe9d1f9047e6685a2e1db2ffa0feaed79e7f4f8647a8ce233
SSDEEP

12288:+o7X2JfEjZPg4q3eSzpB5T4BN37LQW8m2cXOCWgi9fTDkLhBn:57k+hwzDN4BB5Tj+CRi97DkNB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7201d86b27cb98e022ba61be95b8b97e_JaffaCakes118

Files

7201d86b27cb98e022ba61be95b8b97e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39ba5e296e935a55412b86ae005057ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

RtlUnwind
IsValidCodePage
OutputDebugStringA
lstrlenA
WideCharToMultiByte
VirtualFree
CreateFileA
LoadLibraryW
FreeLibrary
WriteConsoleA
GetVersion
OpenWaitableTimerA
WritePrivateProfileStringA
TerminateProcess
TlsSetValue
FlushFileBuffers
HeapReAlloc
TryEnterCriticalSection
TlsFree
GetUserDefaultLCID
DebugBreak
GetCurrentThreadId
ReadFile
EnterCriticalSection
ReleaseMutex
HeapCreate
GetCurrentProcessId
GetStdHandle
GetConsoleOutputCP
GetOEMCP
InitializeCriticalSection
GetStringTypeW
WriteFile
GetStringTypeExA
IsValidLocale
ReadConsoleInputW
GetStringTypeA
CloseHandle
GetTimeZoneInformation
GetStartupInfoA
GetConsoleMode
GetTimeFormatA
SetLastError
WriteConsoleW
TlsAlloc
SetUnhandledExceptionFilter
GetModuleFileNameA
LeaveCriticalSection
LCMapStringW
GetLocaleInfoA
GetDateFormatA
DeleteCriticalSection
IsBadReadPtr
FreeEnvironmentStringsA
CreateMutexA
ExitProcess
VirtualAlloc
CompareStringW
HeapValidate
HeapAlloc
VirtualQuery
MultiByteToWideChar
GlobalFlags
GetModuleFileNameW
GetFileType
GetCommandLineA
HeapDestroy
CompareStringA
GetCurrentThread
GetProcessHeap
InterlockedExchange
GetCurrentProcess
SetHandleCount
SetConsoleCtrlHandler
InterlockedIncrement
EnumSystemLocalesA
GetSystemTimeAsFileTime
RaiseException
TlsGetValue
HeapFree
ResumeThread
EnumSystemLocalesW
UnhandledExceptionFilter
GetLogicalDrives
GetVersionExA
QueryPerformanceCounter
FreeEnvironmentStringsW
OutputDebugStringW
GetEnvironmentStrings
InterlockedDecrement
SetFilePointer
LCMapStringA
GetProcAddress
GetConsoleCP
SetEnvironmentVariableA
GetCommandLineW
GetModuleHandleA
GetStartupInfoW
GetCPInfo
GetACP
GetLastError
DeleteAtom
IsDebuggerPresent
OpenMutexA
LoadLibraryA
GetEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
GetTickCount
OpenSemaphoreW

gdi32

CreatePatternBrush
BitBlt
GetEnhMetaFileBits
CreateHatchBrush

shell32

ShellExecuteExW
ShellAboutW
SHGetFileInfo

user32

SetWindowsHookExW
IsCharUpperW
MapVirtualKeyA
RegisterClassA
RegisterClassExA
DdePostAdvise
HideCaret
GetClipboardFormatNameW

Sections

.text
Size: 470KB - Virtual size: 469KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39ba5e296e935a55412b86ae005057ae

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

shell32

user32

Sections

.text Size: 470KB - Virtual size: 469KB

.rdata Size: 95KB - Virtual size: 110KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 470KB - Virtual size: 469KB

.rdata
Size: 95KB - Virtual size: 110KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 17KB - Virtual size: 17KB