82caca71a8601adfd8367f63eeeb4232_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82caca71a8601adfd8367f63eeeb4232_JaffaCakes118
Size

332KB
MD5

82caca71a8601adfd8367f63eeeb4232
SHA1

a4f960ae18bb4a37b8caba8b80f48bece3548d88
SHA256

9f90f6f0468f4a679d4f2d7760a7147ab69005c79308d5b439c3292725a8211e
SHA512

f66d1bb0f9569030c77cd80068ddea9615a2e9c21252428ab93e9165b59092b9bc758dadc5005575d2d44a7252d4aaff0e64949fa3e3119419a2b7f657ae09e5
SSDEEP

6144:8Ww9mbrdYtMQp3dkwZCGvyvUKqRPu+tsHTZGD+mV3BqljD5uNR:8Ufd3QAwZCGKUJs+8dGDR3Bq55uN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82caca71a8601adfd8367f63eeeb4232_JaffaCakes118

Files

82caca71a8601adfd8367f63eeeb4232_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dea66841be5ec7861a3280b9d592e1b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMonitorInfoW
RegisterClassA
CascadeChildWindows
RegisterClassExA

comctl32

InitCommonControlsEx

kernel32

GlobalAddAtomW
VirtualFree
GetVersionExA
IsValidCodePage
GetCurrentThread
HeapFree
WideCharToMultiByte
TlsFree
GetTimeFormatA
LCMapStringA
GetCurrentProcessId
IsDebuggerPresent
ReadFile
LCMapStringW
SetConsoleCtrlHandler
ExitProcess
CreateMutexA
GetEnvironmentStrings
SystemTimeToFileTime
InterlockedIncrement
HeapSize
HeapReAlloc
GetSystemTime
GetLocaleInfoW
InitializeCriticalSection
RtlZeroMemory
TerminateProcess
SetStdHandle
InterlockedExchange
GetDateFormatA
HeapDestroy
GetACP
SetEndOfFile
lstrcmp
WaitNamedPipeA
CompareStringA
GetFileType
GetOEMCP
LoadLibraryA
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
WaitForMultipleObjectsEx
GetTimeZoneInformation
QueryPerformanceCounter
GetModuleHandleA
EnumSystemLocalesA
FlushFileBuffers
Sleep
OpenMutexA
UnhandledExceptionFilter
GetStdHandle
CreateDirectoryW
GetUserDefaultLCID
GetCurrentProcess
GetSystemTimeAsFileTime
EnterCriticalSection
SetUnhandledExceptionFilter
GetTickCount
WriteConsoleW
TlsSetValue
SetEnvironmentVariableA
MultiByteToWideChar
VirtualAlloc
CloseHandle
TlsAlloc
IsValidLocale
GetConsoleOutputCP
GetStringTypeW
GetProcAddress
SetHandleCount
ReadConsoleInputA
EnumSystemLocalesW
SetFilePointer
GetLocaleInfoA
CompareStringW
GetCurrentThreadId
WriteConsoleA
GetStringTypeA
FreeEnvironmentStringsA
TlsGetValue
GetProcessHeap
GetEnvironmentStringsW
GetLastError
GetCommandLineA
LeaveCriticalSection
GetStartupInfoA
DeleteCriticalSection
CreateFileA
RtlUnwind
WriteFile
HeapAlloc
HeapCreate
GetCPInfo
FreeEnvironmentStringsW
VirtualQuery
SetLastError
FreeLibrary
InterlockedDecrement
GetLongPathNameA
LoadModule

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dea66841be5ec7861a3280b9d592e1b9

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 9KB - Virtual size: 37KB

.data Size: 173KB - Virtual size: 172KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 9KB - Virtual size: 37KB

.data
Size: 173KB - Virtual size: 172KB

.rsrc
Size: 13KB - Virtual size: 13KB