7820f3dfadbf5776fad306dea72dc1d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7820f3dfadbf5776fad306dea72dc1d3_JaffaCakes118
Size

585KB
MD5

7820f3dfadbf5776fad306dea72dc1d3
SHA1

1a7ecbb343de6dfdd2ffab19e08d119fbca10414
SHA256

1db810b5a84d71ade7430f24f327f2374d010e638a0b7801d129aa7a57977ccb
SHA512

cd712dcad581b57b10d8c97c9faf2ab5ed8769726e481f0293876e44f952fd155251ce1afe1b638176928c8eba3c905b6a0879f830c2f4b154356bff8865f8c0
SSDEEP

12288:3a/i0g1EpXMtcS3CAVgq98DpBsnnI1PcmD5t8LqSn8+7S:3QiF1EpXMtj3CAVg06pBGI1NdyB8oS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7820f3dfadbf5776fad306dea72dc1d3_JaffaCakes118

Files

7820f3dfadbf5776fad306dea72dc1d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

443a2e568de2f8361e6e476c2dd39698

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
EnterCriticalSection
SetFilePointer
GetCurrentProcessId
GetTimeFormatA
GetModuleHandleA
LockFileEx
LCMapStringW
EnumSystemLocalesA
GetEnvironmentStrings
GetEnvironmentVariableW
GetUserDefaultLCID
OpenSemaphoreA
GetTickCount
InitializeCriticalSection
WriteConsoleW
TlsGetValue
ReadFile
SetLastError
InterlockedDecrement
CloseHandle
Sleep
FlushViewOfFile
HeapSize
GetConsoleMode
TlsSetValue
VirtualQuery
MapViewOfFile
HeapAlloc
FreeEnvironmentStringsW
SetStdHandle
GetModuleFileNameA
SetEnvironmentVariableA
GetCommandLineW
LeaveCriticalSection
GetCommandLineA
HeapReAlloc
GetCPInfo
GetSystemTimeAsFileTime
DeleteCriticalSection
TlsFree
GetCurrentThread
LoadLibraryA
GetStartupInfoA
GetCurrentThreadId
CreateMutexA
GetStringTypeW
IsValidCodePage
QueryPerformanceCounter
GetEnvironmentStringsA
GetDriveTypeW
lstrlenW
GetLocaleInfoA
WideCharToMultiByte
HeapDestroy
CompareStringW
TerminateProcess
GetConsoleCP
GetFileType
GetConsoleOutputCP
UnhandledExceptionFilter
HeapFree
VirtualFree
LCMapStringA
GetLocaleInfoW
GetTempFileNameA
GetProcAddress
FlushFileBuffers
GetOEMCP
GetStartupInfoW
GetDateFormatA
WriteConsoleA
GetStringTypeA
GetModuleFileNameW
OpenMutexA
GetFileAttributesA
GetEnvironmentStringsW
GetTimeZoneInformation
GetLastError
GetACP
CreateFileA
HeapCreate
FreeLibrary
FreeEnvironmentStringsA
InterlockedIncrement
VirtualAllocEx
ExitProcess
SetConsoleCtrlHandler
VirtualAlloc
GetCurrentProcess
TlsAlloc
RtlUnwind
WriteFile
GetStdHandle
SetHandleCount
lstrcmpiA
IsValidLocale
GetProfileSectionW
GetVersionExA
MultiByteToWideChar
CompareStringA
InterlockedExchange
ReadConsoleInputW
IsDebuggerPresent
IsBadWritePtr
SetUnhandledExceptionFilter
GetProcessHeap
DeleteFiber

comctl32

InitCommonControlsEx

user32

CopyImage
DrawEdge
DdeGetData
RegisterClassA
InsertMenuItemW
GetAsyncKeyState
LookupIconIdFromDirectoryEx
VkKeyScanExA
ChangeDisplaySettingsExA
GetMessageExtraInfo
SetKeyboardState
RegisterClassExA

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

443a2e568de2f8361e6e476c2dd39698

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 249KB - Virtual size: 249KB

.rdata Size: 9KB - Virtual size: 20KB

.data Size: 318KB - Virtual size: 317KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 249KB - Virtual size: 249KB

.rdata
Size: 9KB - Virtual size: 20KB

.data
Size: 318KB - Virtual size: 317KB

.rsrc
Size: 7KB - Virtual size: 7KB