890b9aa2569b91af0c3612939c3ed0b7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

890b9aa2569b91af0c3612939c3ed0b7_JaffaCakes118
Size

396KB
MD5

890b9aa2569b91af0c3612939c3ed0b7
SHA1

3d0173de8e6e73a7ddfb05e23eb049436fa22a1a
SHA256

e1f075adb3315be8f985cb96f39e65d4e6c8786732c21f023523792382ddff38
SHA512

cb2afebcf2523e8da1df93acd39115b9044bd1cea91c192e6a2bc46142869dd52f3d8b2a7865570926cbf1fdab1104592dbad87122c3fd1c4823c3ee7f16c264
SSDEEP

12288:R4RnIwjInygSVaNbLOr87FF6FsoBOtm4Xoe:R4jI+uHOc6aoBIpXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
890b9aa2569b91af0c3612939c3ed0b7_JaffaCakes118

Files

890b9aa2569b91af0c3612939c3ed0b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a51c93d254806cdadedc7b99bee5ff7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
IsBadWritePtr
CompareStringW
EnterCriticalSection
GetUserDefaultLCID
GetCPInfo
HeapAlloc
LoadLibraryA
GetDateFormatA
UnhandledExceptionFilter
EnumSystemLocalesA
WaitForMultipleObjects
GetACP
GetLocaleInfoA
InterlockedExchange
TlsFree
GetFileType
HeapDestroy
HeapSize
FreeEnvironmentStringsA
WriteFile
GetStartupInfoA
InitializeCriticalSection
GetStartupInfoW
GetDateFormatW
LCMapStringA
GetTimeFormatA
HeapCreate
GetProcAddress
GetCommandLineW
GetVersionExA
HeapFree
DeleteCriticalSection
GetOEMCP
WriteConsoleInputA
LCMapStringW
VirtualQuery
TlsSetValue
LeaveCriticalSection
VirtualProtect
GetLastError
MultiByteToWideChar
GetCurrentThread
GetTimeZoneInformation
HeapReAlloc
TlsGetValue
ExitProcess
GetCommandLineA
FreeEnvironmentStringsW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetLastError
GetModuleHandleA
GetStringTypeW
SetEnvironmentVariableA
SetHandleCount
GetCurrentThreadId
WideCharToMultiByte
IsValidCodePage
GetModuleFileNameW
GetSystemInfo
GetCurrentProcessId
GetModuleFileNameA
TlsAlloc
GetLocaleInfoW
CompareStringA
GetTickCount
IsValidLocale
GetEnvironmentStrings
GetStringTypeA
GetSystemTimeAsFileTime
VirtualFree
RtlUnwind
GetStdHandle

gdi32

GetTextExtentPointA
CreatePolygonRgn

user32

IsWindow
SendMessageTimeoutA
RealChildWindowFromPoint
EnumDisplaySettingsExA

shell32

ShellHookProc
SHEmptyRecycleBinA
FindExecutableW
SHLoadInProc
SHInvokePrinterCommandA
ExtractAssociatedIconA
ShellAboutA
DragFinish
SHGetFileInfoA

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a51c93d254806cdadedc7b99bee5ff7b

Headers

File Characteristics

Imports

kernel32

gdi32

user32

shell32

Sections

.text Size: 114KB - Virtual size: 113KB

.data Size: 271KB - Virtual size: 276KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 114KB - Virtual size: 113KB

.data
Size: 271KB - Virtual size: 276KB

.rsrc
Size: 10KB - Virtual size: 9KB