87a2756a68fabf20a756d51ca14d7435_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

87a2756a68fabf20a756d51ca14d7435_JaffaCakes118
Size

253KB
MD5

87a2756a68fabf20a756d51ca14d7435
SHA1

146198a9dd8465529f74007bf85e94569d8b6ed2
SHA256

7ad59e49c942f76c18cf1e90799276742a669beac5343de425ed85fba2c197af
SHA512

cce76f33740ae38f9d53a27f899565ef9e00f477d357c7ecb9536d638a291c806d0ed1256dcd6f882ce6a713e9e4281af644bfd6912e0532014c8ee3bf604e1f
SSDEEP

6144:A87HP5fxBiHWVIbfehCGJgZutDSmjbVNMB0nV3c31J9:Amv5fniVDehCGJiIjVNMBw3cr9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87a2756a68fabf20a756d51ca14d7435_JaffaCakes118

Files

87a2756a68fabf20a756d51ca14d7435_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd8ba3ee73447b34b0eb88e0d73c6752

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReleaseMutex
GetLastError
CreateMutexA
TerminateThread
WaitForSingleObject
ResumeThread
SuspendThread
CreateThread
lstrlenA
DeleteFileA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetFileSize
CreateFileA
lstrcatA
GetModuleFileNameA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetVersionExA
SetFileAttributesA
CreateDirectoryA
GetTempPathA
WriteFile
ReadFile
SetFilePointer
GetExitCodeProcess
CreateProcessA
GetStartupInfoA
GetACP
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetStdHandle
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
VirtualAlloc
VirtualFree
DeleteCriticalSection
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
SetFileTime
CreateFileW
GetCommandLineA
SetFileAttributesW
GetFileAttributesA
CreateDirectoryW
DeleteFileW
GetCurrentThreadId
FindFirstFileW
SetEndOfFile
GetSystemInfo
FlushFileBuffers
SetStdHandle
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
lstrcpyA
SetLastError
lstrcpynA
HeapSize
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsBadWritePtr
HeapCreate
Sleep
RtlUnwind
RaiseException
HeapFree
HeapReAlloc
HeapAlloc
TlsSetValue
ExitThread
GetVersion
ExitProcess
GetCPInfo
GetOEMCP
TlsAlloc
TlsGetValue
SetUnhandledExceptionFilter
HeapDestroy

user32

CharUpperW
CharUpperA
wsprintfA
LoadStringA
SetWindowTextA
GetSystemMenu
GetMenuItemCount
GetMenuItemID
EnableMenuItem
SendMessageA
ShowWindow
GetDlgItem
IsWindowVisible
KillTimer
EnableWindow
EndDialog
SetTimer
DialogBoxParamA
PostMessageA
CharNextA
MessageBoxA

gdi32

DeleteObject
CreateFontA

oleaut32

SysFreeString
VariantClear
SysAllocString

comctl32

ord17

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd8ba3ee73447b34b0eb88e0d73c6752

Headers

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

comctl32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 1.0MB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 1.0MB

.rsrc
Size: 36KB - Virtual size: 33KB