7743f2678cd069e9bf5a49f14355edc1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7743f2678cd069e9bf5a49f14355edc1_JaffaCakes118
Size

229KB
MD5

7743f2678cd069e9bf5a49f14355edc1
SHA1

928d6d54574522f4c6ea194d700d6687154320dc
SHA256

7a1b5f74196ac5b4c0d20a4798599149ca313b350718d66e269850711f8b19a2
SHA512

ad32e2f975dffde868d9f496a57ab82ed5385a439b9363e92e359bc1b90ff9c0a9de1d4976b36446940bf0b01043ce45d5a8334ccb86bceca24c26e5bfa0b92e
SSDEEP

3072:lfalGTB1iAUnPkjdU2zsRhaDo9XmvAhrivJekX0jxqf6/F9Uow1CG5CxtRX5IZIE:lfh128pzsRnvrXcW1wClxIZS5wlW2Yk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7743f2678cd069e9bf5a49f14355edc1_JaffaCakes118

Files

7743f2678cd069e9bf5a49f14355edc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5ce3b7ba759588ed2bbd4b448d62174

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

TlsGetValue
WriteFile
FlushFileBuffers
GetStringTypeW
GetLastError
GetModuleHandleW
SetStdHandle
LoadLibraryA
GetThreadLocale
WaitForMultipleObjects
FreeLibrary
UnhandledExceptionFilter
GetFileInformationByHandle
GetStdHandle
WriteConsoleA
GetLocaleInfoA
GetOEMCP
GetCurrentThreadId
GetStringTypeA
GetFileType
GetLocalTime
GetCurrentProcessId
lstrcmpiW
CompareStringA
FindNextFileA
SetUnhandledExceptionFilter
lstrcmpW
GetProcAddress
MapViewOfFile
EnterCriticalSection
Sleep
SetConsoleCtrlHandler
MultiByteToWideChar
GetFileAttributesA
GetACP
GetCommandLineA
InitializeCriticalSection
GetCurrentProcess
GetModuleHandleA
HeapAlloc
QueryPerformanceCounter
ExitProcess
IsBadWritePtr
WideCharToMultiByte
FreeEnvironmentStringsA
GetTickCount
GetSystemInfo
GetStartupInfoA
VirtualFree
CreateProcessW
ReadFile
LocalAlloc
FindResourceW
GetConsoleOutputCP
RtlUnwind
VirtualProtect
DeleteCriticalSection
ExpandEnvironmentStringsW
SetConsoleCP
CreateMutexW
CompareStringW

user32

ReleaseCapture
IntersectRect
ReleaseDC
GetSystemMetrics
UnregisterClassA
wsprintfA
EndDialog
GetMessageW
KillTimer
CallWindowProcA
GetWindowPlacement
GetScrollPos

rpcrt4

RpcStringFreeW

msvcrt

__dllonexit
wcsstr
realloc
??3@YAXPAX@Z
??1exception@@UAE@XZ
memset
??1type_info@@UAE@XZ
??2@YAPAXI@Z
_adjust_fdiv
_vsnwprintf

advapi32

ReportEventW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyA

gdi32

CreateCompatibleDC
Escape
SelectObject
DeleteObject
GetDeviceCaps
GetStockObject
SetMapMode

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
CoTaskMemFree

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5ce3b7ba759588ed2bbd4b448d62174

Headers

File Characteristics

Imports

kernel32

user32

rpcrt4

msvcrt

advapi32

gdi32

ole32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 178KB - Virtual size: 427KB

.rsrc Size: 1024B - Virtual size: 942B

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 178KB - Virtual size: 427KB

.rsrc
Size: 1024B - Virtual size: 942B