841166f7a253e111487f32f66cf81976_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

841166f7a253e111487f32f66cf81976_JaffaCakes118
Size

497KB
MD5

841166f7a253e111487f32f66cf81976
SHA1

f0d7f068de687de36d42ab1fc9b89a879b67da59
SHA256

0a29e3c735a04a7b9943e702aef0b80436903b51ea657a0f68515849ce170b4a
SHA512

c8df85019bcc4389f2a3a90bd1823596225de1f833046222b3fefcf10317e77d194fb138481572bf42cbc8dc1e574f38d1e043e34084aaf3971fd975bf13fad5
SSDEEP

12288:/lA4YwnpK0L6gcTOMDRJrqP5acbv8NQxjN:/lA4JxL/a3tJuP5TbPj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
841166f7a253e111487f32f66cf81976_JaffaCakes118

Files

841166f7a253e111487f32f66cf81976_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e7439ebf1864eb7d34b6fc33d39c099

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

GetUpdateRgn
SetActiveWindow
RegisterClassA
RegisterClassExA
GetClipboardOwner
ScrollWindow

kernel32

TlsFree
EnumSystemLocalesA
InterlockedExchange
GetUserDefaultLCID
GetFileType
GetTimeZoneInformation
GetCommandLineA
CompareStringA
GetEnvironmentStringsW
TlsGetValue
HeapSize
GetStdHandle
SetHandleCount
GetCPInfo
GetDriveTypeW
DeleteCriticalSection
TlsSetValue
GetCurrentThread
SetUnhandledExceptionFilter
RtlUnwind
GetNumberFormatA
GetLocaleInfoA
IsValidCodePage
EnterCriticalSection
ExitProcess
HeapCreate
LCMapStringA
SetFilePointer
GetModuleFileNameA
GetDateFormatA
CreateFileA
ReadFile
GetStartupInfoA
GetCurrentThreadId
CloseHandle
GetLastError
GetOEMCP
FreeLibrary
GetProcAddress
GetModuleFileNameW
SetConsoleCtrlHandler
LoadLibraryA
HeapDestroy
UnhandledExceptionFilter
SetEnvironmentVariableA
IsDebuggerPresent
GetCommandLineW
QueryPerformanceCounter
VirtualFree
WriteConsoleW
GetLocaleInfoW
GetStringTypeW
WideCharToMultiByte
GetCurrentProcess
GetStringTypeA
HeapFree
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
HeapAlloc
MultiByteToWideChar
VirtualQuery
IsValidLocale
GetConsoleCP
GetTimeFormatA
WriteConsoleA
OpenMutexA
GetModuleHandleA
Sleep
FreeEnvironmentStringsW
WaitForMultipleObjectsEx
HeapReAlloc
LeaveCriticalSection
GetConsoleOutputCP
CreateMutexA
GetStartupInfoW
GetConsoleMode
TlsAlloc
InterlockedIncrement
GetTickCount
TerminateProcess
GetModuleHandleW
FlushFileBuffers
SetLastError
VirtualAlloc
LCMapStringW
CompareStringW
SetStdHandle
WriteFile
GetCurrentProcessId
GetACP
InterlockedDecrement

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e7439ebf1864eb7d34b6fc33d39c099

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 9KB - Virtual size: 32KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 9KB - Virtual size: 32KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 13KB - Virtual size: 12KB