7200f91c80bfbbe2851957f3bd363c4f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7200f91c80bfbbe2851957f3bd363c4f_JaffaCakes118
Size

366KB
MD5

7200f91c80bfbbe2851957f3bd363c4f
SHA1

1791124a2f4d1b3dd406f0090ddc4dc1b388cd6a
SHA256

180f6098ea5d67b9f60a952e9b0ddeb6da163a710e83d25732faae3b351c3dad
SHA512

770bc9585ef591515d8a54ce5f4efbda771ae091bdd2de59f19c7d558ec6413828ec3a31c80dbee2bffc4dcb24b055de0c197b453876f9052a3930afb78943eb
SSDEEP

6144:ouRjDP1vYMXHaDzC45GQ7TklHenVzW9v2fY0nneM1SXJh4ZZMKa2eQ:oGFYugC8GQO+Vzrnf1SYtN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7200f91c80bfbbe2851957f3bd363c4f_JaffaCakes118

Files

7200f91c80bfbbe2851957f3bd363c4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

544550cbaaea2ae65b530357157ee02d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
GetACP
SetHandleCount
HeapDestroy
CompareStringW
GetTimeZoneInformation
GetCurrentProcessId
GetCPInfo
TlsGetValue
SetThreadContext
GetFileType
EnterCriticalSection
GetCurrentThread
TerminateProcess
VirtualQuery
WriteFile
GetLocaleInfoA
GetModuleFileNameA
ReadFile
HeapAlloc
GetOEMCP
FreeEnvironmentStringsW
DeleteCriticalSection
OpenMutexA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
LocalShrink
HeapReAlloc
MultiByteToWideChar
GetTickCount
SetLastError
QueryPerformanceCounter
GetModuleHandleA
SetStdHandle
GetStdHandle
VirtualFree
GetStringTypeA
WritePrivateProfileStringA
TlsAlloc
GetTempFileNameA
LoadLibraryA
InitializeCriticalSection
FlushFileBuffers
GetUserDefaultLCID
GetCurrentProcess
GetDateFormatA
GetProcAddress
GetVersionExA
FindResourceW
VirtualProtect
GetEnvironmentStringsW
CloseHandle
RtlUnwind
VirtualAlloc
GetProcessShutdownParameters
IsValidCodePage
LeaveCriticalSection
TlsFree
GetFileAttributesA
GetStartupInfoA
LCMapStringW
IsBadWritePtr
IsValidLocale
WideCharToMultiByte
GetLongPathNameW
GetTimeFormatA
HeapFree
GetLastError
HeapCreate
GetSystemInfo
CreateMutexA
InterlockedExchange
GetLocaleInfoW
CompareStringA
HeapSize
UnhandledExceptionFilter
SetEnvironmentVariableA
ExitProcess
GetCurrentThreadId
EnumSystemLocalesA
SetFilePointer
GetStringTypeW
TlsSetValue
EnumResourceTypesA
GetCommandLineA

user32

LoadImageA
ShowOwnedPopups
SetClipboardViewer
RegisterClassExA
DdeCreateStringHandleA
SetScrollRange
GetMenuState
GetMessageW
EnumDisplaySettingsA
MapVirtualKeyExA
ClipCursor
GetClassLongA
ExitWindowsEx
WindowFromPoint
LoadStringA
ToAscii
LookupIconIdFromDirectory
SendInput
RegisterClassA
GetMenuCheckMarkDimensions
IsWindowEnabled

comctl32

InitCommonControlsEx

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

544550cbaaea2ae65b530357157ee02d

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 8KB - Virtual size: 30KB

.data Size: 205KB - Virtual size: 205KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 8KB - Virtual size: 30KB

.data
Size: 205KB - Virtual size: 205KB

.rsrc
Size: 8KB - Virtual size: 7KB