8e727b4d9c4302d987539b285dd1e1ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e727b4d9c4302d987539b285dd1e1ab_JaffaCakes118
Size

439KB
MD5

8e727b4d9c4302d987539b285dd1e1ab
SHA1

e29973db53f66441e81ee0c95bf0a7ccf23b0ec0
SHA256

3a1821603b9eb38580933113714b274aff85adeec9d3913dee2583fdb121de52
SHA512

8637cfd27331394538d9802cf95245478f49b37cbe1adb5074799c9fe1da48260b819e78976d83ff314e9595e28190e5e0d92e9e84d7815e16b3a43876def637
SSDEEP

6144:7I5tKIbLLhrBoqEWtmJlI7nuznMr+CodMyUngYPQEtmTz++Z/tAiH2nCpTOlGp:4tKGNKUKlYUCyUnftqZlAqSCpTlp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e727b4d9c4302d987539b285dd1e1ab_JaffaCakes118

Files

8e727b4d9c4302d987539b285dd1e1ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f94e12b4ccc1218eac0b7d2dabc2ffb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetUserDefaultLCID
IsBadWritePtr
GetNamedPipeInfo
GetStartupInfoA
CreateWaitableTimerA
HeapAlloc
LoadLibraryA
TlsGetValue
SetConsoleCtrlHandler
VirtualFree
GetProcessHeap
LocalUnlock
GetCPInfo
TlsAlloc
TlsFree
FreeLibrary
GetStringTypeA
GetTimeFormatA
GetStringTypeW
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetTimeZoneInformation
GetFileType
GetSystemTimeAdjustment
HeapSize
UnhandledExceptionFilter
GetStdHandle
GetProcAddress
CompareStringW
GetStartupInfoW
HeapFree
OpenWaitableTimerA
GetDateFormatA
WritePrivateProfileStructW
InitializeCriticalSectionAndSpinCount
VirtualQuery
MultiByteToWideChar
WriteFile
SetHandleCount
GetACP
InterlockedIncrement
TlsSetValue
GetOEMCP
HeapReAlloc
LeaveCriticalSection
ExitProcess
CompareStringA
GetDriveTypeA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidLocale
GetModuleHandleA
GetLocaleInfoW
IsDebuggerPresent
IsValidCodePage
GetCurrentThreadId
SetLastError
WideCharToMultiByte
GetCurrentThread
GetModuleFileNameW
GetCurrentProcessId
GetModuleFileNameA
LCMapStringA
GetCommandLineW
lstrcmpA
GetTickCount
HeapDestroy
EnumSystemLocalesA
GetLocaleInfoA
Sleep
SetEnvironmentVariableA
RtlUnwind
GetLastError
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringW
EnterCriticalSection
DeleteCriticalSection
GetModuleHandleW
FillConsoleOutputCharacterW
HeapCreate
InterlockedDecrement

user32

ValidateRgn
DrawMenuBar
DrawTextExW
DialogBoxParamA

gdi32

PolyTextOutW
CloseFigure
DeleteEnhMetaFile
CreateHatchBrush
ExtEscape
CreateMetaFileA
CreateEnhMetaFileW
PolyDraw
CreateColorSpaceW
ColorCorrectPalette
CreateBitmap
CreateEllipticRgnIndirect
GetPixel
InvertRgn
ExtCreateRegion
GetEnhMetaFileDescriptionW
AbortPath
StartDocW
GetLayout
GetRgnBox
CreateEnhMetaFileA
TextOutA
CreateDCW
EnumICMProfilesW
ResetDCW

shell32

FindExecutableW
ExtractIconEx
SheChangeDirExW
SHAppBarMessage
SHQueryRecycleBinA
ShellExecuteExA
RealShellExecuteA
SheChangeDirA
DragQueryFileW
SHGetMalloc
ExtractAssociatedIconA
SHFormatDrive
SHGetInstanceExplorer
FindExecutableA
ExtractIconExA
ShellExecuteEx
SHInvokePrinterCommandW

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f94e12b4ccc1218eac0b7d2dabc2ffb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 159KB - Virtual size: 159KB

.data Size: 276KB - Virtual size: 291KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 159KB - Virtual size: 159KB

.data
Size: 276KB - Virtual size: 291KB

.rsrc
Size: 2KB - Virtual size: 2KB