76987ca802947ce4b5e017f9d93ffccf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

76987ca802947ce4b5e017f9d93ffccf_JaffaCakes118
Size

518KB
MD5

76987ca802947ce4b5e017f9d93ffccf
SHA1

0e67924942845a086948b88d5840e29cab2f3951
SHA256

d48977d9d7111dd20dbea0556fff24541b0f58060fadba6649831099fdb48d1a
SHA512

fd37a86af8612b089cf16cc62a853b7a1f72646da508cdbd889fc19642bbc882cbf15a5057929be67f5aec9544282c5aaaed9afb27a838c83c4b9e3d0145a3d0
SSDEEP

6144:s9C0p01trya1+YbcmwVFmWIaYm/haBMUp44h0iCX3CY2LSKJjOHtdpL/F788k3DO:sGxyycumhOKkeKJjOL188wDJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76987ca802947ce4b5e017f9d93ffccf_JaffaCakes118

Files

76987ca802947ce4b5e017f9d93ffccf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf54a2b534f0f6da5e097b6a01ab8844

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
OpenMutexA
GetModuleHandleA
InterlockedIncrement
MultiByteToWideChar
HeapCreate
VirtualFree
CompareStringA
GlobalAddAtomW
CompareStringW
WideCharToMultiByte
CreateProcessA
GetEnvironmentStringsW
HeapAlloc
ReadFile
GetCurrentProcessId
CreateMutexA
InterlockedDecrement
FormatMessageA
HeapReAlloc
InterlockedCompareExchange
LoadLibraryA
LeaveCriticalSection
GetStringTypeA
GetModuleFileNameA
HeapFree
GetProcAddress
GetTimeZoneInformation
GetLastError
InitializeCriticalSection
GetVersion
GetCPInfo
GetSystemTimeAsFileTime
GetLocalTime
TryEnterCriticalSection
GetStdHandle
GetCurrentThreadId
TlsAlloc
VirtualQuery
FreeEnvironmentStringsA
GetACP
IsBadWritePtr
FreeEnvironmentStringsW
GetCurrentProcess
FlushFileBuffers
SetFilePointer
GetEnvironmentStrings
GetSystemTime
SetEnvironmentVariableA
UnhandledExceptionFilter
WriteFile
DeleteCriticalSection
TerminateProcess
GetStartupInfoA
LCMapStringA
InterlockedExchange
GetCurrentThread
EnterCriticalSection
TlsFree
GetCommandLineA
GetFileType
ExitProcess
GetTickCount
LCMapStringW
RtlUnwind
SetLastError
GetStringTypeW
OpenSemaphoreW
VirtualAlloc
QueryPerformanceCounter
SetHandleCount
WriteConsoleInputA
CloseHandle
SetStdHandle
TlsGetValue
HeapDestroy
TlsSetValue

comctl32

InitCommonControlsEx

user32

CreateIconIndirect
LoadIconA
RegisterClassA
ChangeMenuW
DlgDirListA
GetClipCursor
RegisterClassExA
RegisterDeviceNotificationA
UnregisterClassW
SetWindowPlacement
LockWindowUpdate
WaitMessage
SetThreadDesktop
CallMsgFilterA
GetKeyboardLayoutList
MapVirtualKeyW

shell32

SHGetFileInfoA
SHUpdateRecycleBinIcon
DragQueryFileA

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf54a2b534f0f6da5e097b6a01ab8844

Headers

File Characteristics

Imports

kernel32

comctl32

user32

shell32

Sections

.text Size: 197KB - Virtual size: 196KB

.rdata Size: 4KB - Virtual size: 18KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 197KB - Virtual size: 196KB

.rdata
Size: 4KB - Virtual size: 18KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 3KB - Virtual size: 3KB