Static task: static1
Behavioral task: behavioral1
Sample: 838aa450b5f5a209173aad3624c1672f_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 838aa450b5f5a209173aad3624c1672f_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 838aa450b5f5a209173aad3624c1672f_JaffaCakes118
Size: 48KB
MD5: 838aa450b5f5a209173aad3624c1672f
SHA1: 53a235a8bd375c5122378c6ee0009a19f2dee47d
SHA256: dd77043808fc5860871bb6d485b542bf366915fedc61ff55c6c9a59e5e59121c
SHA512: be987fcfecaa2c3acd94a7044286752325bc46680d96543bb12b4579cbdc01e2a78277dee50f6716323e82a068d484406df0b99536132af8707f1ef758b0f4be
SSDEEP: 768:GRiV7pvtILwx1hIcieFeIm9e8MyARNQvCy4k3+A3RuLT+V7RIn4Y/dNKez:6+YLYXIKYMpQGkNmlMe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 838aa450b5f5a209173aad3624c1672f_JaffaCakes118
Files
838aa450b5f5a209173aad3624c1672f_JaffaCakes118.exe windows:4 windows x86 arch:x86
265de66773c2f631828f7797a11b28c5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetCommandLineA
FlushConsoleInputBuffer
GetLogicalDriveStringsA
GetUserGeoID
GetConsoleWindow
PostQueuedCompletionStatus
GetModuleHandleA
ReadConsoleA
SetConsoleKeyShortcuts
GetConsoleAliasExesLengthA
Module32Next
EndUpdateResourceA
UnlockFileEx
FlushFileBuffers
SetVolumeLabelA
GetTapePosition
HeapCreate
IsBadStringPtrA
GetThreadPriorityBoost
FormatMessageA
UnregisterWait
GetConsoleAliasesA
Process32Next
ProcessIdToSessionId
WriteProfileStringA
ChangeTimerQueueTimer
RegisterWaitForSingleObject
CreatePipe
SignalObjectAndWait
GetModuleFileNameA
GetCommTimeouts
WaitForSingleObject
CompareFileTime
FlushViewOfFile
GetConsoleFontInfo
ReadConsoleOutputCharacterA
ClearCommError
UnregisterWaitEx
GetVolumeNameForVolumeMountPointA
GetLocaleInfoA
GetDllDirectoryA
GetDateFormatA
HeapFree
GetSystemTime
IsBadWritePtr
GetExitCodeProcess
lstrcmpiA
OpenProcess
GetTempFileNameA
GlobalLock
GetFileType
VirtualProtect
WaitForMultipleObjects
ExitVDM
GetCurrentConsoleFont
Heap32First
TransmitCommChar
VirtualAlloc
OpenEventA
WriteProcessMemory
GetShortPathNameA
UpdateResourceA
WriteConsoleOutputCharacterA
GetThreadLocale
CloseHandle
GetSystemDirectoryA
EnumUILanguagesA
TerminateThread
GetCurrentThreadId
WinExec
Process32First
GetCalendarInfoA
LZOpenFileA
SetTapeParameters
HeapQueryInformation
GetCommTimeouts
GetNamedPipeHandleStateA
GetCurrentDirectoryA
GetWindowsDirectoryA
SetFilePointerEx
OpenEventA
IsSystemResumeAutomatic
FindNextVolumeA
WriteConsoleOutputCharacterW
SignalObjectAndWait
IsDebuggerPresent
IsBadCodePtr
GetExitCodeThread
EndUpdateResourceA
FindNextVolumeMountPointA
GetPrivateProfileSectionA
CopyFileExW
HeapDestroy
GetComputerNameA
SetMessageWaitingIndicator
WriteConsoleInputA
HeapFree
GetFileAttributesExA
RemoveDirectoryA
GetCurrentThread
GetFileInformationByHandle
GetLogicalDrives
WriteConsoleOutputA
advapi32
InitializeSid
ntdll
RtlGetLastWin32Error
Sections
CODE Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ