843d930131a6a6b2cfd8ea12035c8585_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

843d930131a6a6b2cfd8ea12035c8585_JaffaCakes118
Size

365KB
MD5

843d930131a6a6b2cfd8ea12035c8585
SHA1

7c5268f1b1ffc74a79e3943992f33a31bb311870
SHA256

66856fc77624459b6b8062a0fbd10df8abf39d4a8ad94611108b9bf577d7872a
SHA512

84fc100d94d020a226bf2509c2483696be2ddc92db9dc972e2a2bbdf49585ca94e542cc020fa292016a000943dde5ae9138e6783f06ef82808a66717254e98b2
SSDEEP

6144:7bM3yfLk/YX9lNL6EUdKX1GdRRHvh5W9qG0BN1h9ZNWvaOSzoD99ct921Jl:03ygkl56E/1GdR5Z5W9qG0b1hfN6aOSO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
843d930131a6a6b2cfd8ea12035c8585_JaffaCakes118

Files

843d930131a6a6b2cfd8ea12035c8585_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5aa320a3eb6899a98a6f1a3d54f91150

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawEdge
InsertMenuW
SystemParametersInfoW
RegisterClassA
RegisterClassExA
LookupIconIdFromDirectory
GetUpdateRgn

comctl32

InitCommonControlsEx

kernel32

AddAtomW
DebugActiveProcess
VirtualQuery
GetConsoleMode
InterlockedIncrement
FreeEnvironmentStringsW
GetConsoleTitleW
GetTickCount
EnumSystemCodePagesA
GetVersion
GetModuleHandleA
LockResource
HeapCreate
LeaveCriticalSection
CreateMutexA
FreeEnvironmentStringsA
TlsAlloc
HeapDestroy
GetStartupInfoA
SetHandleCount
HeapAlloc
TlsGetValue
QueryPerformanceCounter
GetStdHandle
CompareStringA
HeapFree
TerminateProcess
MultiByteToWideChar
FlushFileBuffers
WriteFile
LocalShrink
InterlockedDecrement
SetEndOfFile
OpenMutexA
EnumSystemCodePagesW
GetOEMCP
UnhandledExceptionFilter
SetEnvironmentVariableA
RtlFillMemory
CloseHandle
IsBadWritePtr
GetCurrentProcess
GetModuleFileNameA
ExitProcess
GetCurrentThreadId
GetThreadLocale
GetStringTypeW
GetCurrentProcessId
GetStringTypeExW
VirtualFree
RtlUnwind
GetProcAddress
GetEnvironmentStringsW
SetFilePointer
InterlockedExchange
DeleteCriticalSection
ReadFile
GetProfileStringA
LCMapStringA
GetStringTypeA
GetPrivateProfileSectionA
GetTimeZoneInformation
VirtualAlloc
GetSystemTimeAsFileTime
SetLastError
GetEnvironmentStrings
LCMapStringW
CreateWaitableTimerW
EnumSystemLocalesW
GetACP
LoadLibraryA
WideCharToMultiByte
GetCPInfo
GetSystemTime
GetPriorityClass
GetTimeFormatA
GetFileType
GetCommandLineA
TlsFree
CompareStringW
SetStdHandle
InitializeCriticalSection
EnterCriticalSection
GetLocalTime
HeapReAlloc
GetCurrentThread
TlsSetValue
GetLastError

Sections

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5aa320a3eb6899a98a6f1a3d54f91150

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 213KB - Virtual size: 213KB

.rdata Size: 36KB - Virtual size: 41KB

.data Size: 91KB - Virtual size: 91KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 213KB - Virtual size: 213KB

.rdata
Size: 36KB - Virtual size: 41KB

.data
Size: 91KB - Virtual size: 91KB

.rsrc
Size: 22KB - Virtual size: 22KB