8ed18eb2916dc7b890b08f249bfe9ad5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ed18eb2916dc7b890b08f249bfe9ad5_JaffaCakes118
Size

552KB
MD5

8ed18eb2916dc7b890b08f249bfe9ad5
SHA1

c197f67cce26726702a1e4270b41240af9c62e47
SHA256

19cdb68dc8f1115b369fe73d84b587a99f02aefffb73e0aa68fc7a644c5c5fd0
SHA512

213893db069657ee35bee2869344808a18c841bb9f157b5a86e5c0bd5d4e25fe1bb88582efb8131f803d9fbc5c250e17eaa2f8dc1675a21923308fe6f41d0b4a
SSDEEP

12288:sug9eUUSLYWtvfpheAUl1rV6jW/fjFR0Im8lPSlkEgw1:7g9JdttHpkAUnV6jW/rFg6sJgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ed18eb2916dc7b890b08f249bfe9ad5_JaffaCakes118

Files

8ed18eb2916dc7b890b08f249bfe9ad5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fcafbd512bbf8d7cc76f730f256df927

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
Sleep
GlobalUnlock
GetEnvironmentStringsW
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateFileW
GetTimeZoneInformation
ExpandEnvironmentStringsA
FindNextFileA
CompareStringW
GetProcAddress
DeleteFileW
SetEvent
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
SetHandleCount
EnterCriticalSection
HeapFree
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
GlobalAlloc
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
GetEnvironmentStrings
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
InterlockedDecrement
FindClose
LoadResource
LocalFree
GetOEMCP
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
GetCPInfo
SetStdHandle
LocalAlloc
GetCurrentProcess
FreeEnvironmentStringsA
GetLocalTime
HeapDestroy
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetStdHandle
VirtualAlloc
GetVersion
FreeEnvironmentStringsW
TlsGetValue
GetEnvironmentVariableA
HeapCreate
RtlUnwind
InitializeCriticalSection
LCMapStringA
CreateProcessA
UnmapViewOfFile
VirtualFree
CreateThread
FindResourceA

user32

MessageBoxA
EndDialog
GetDesktopWindow
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
SetTimer
DefWindowProcA
SetFocus
CreateWindowExA
EnableMenuItem
IsWindowEnabled
TranslateMessage
SetWindowPos
EnableWindow
DestroyWindow
ClientToScreen
SendMessageA
GetDC
EndPaint
DispatchMessageA
IsWindow
SetForegroundWindow
GetClientRect
CallWindowProcA
GetFocus
SetCursor
InvalidateRect

gdi32

SelectObject
GetStockObject
SetBkColor
CreateSolidBrush

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcafbd512bbf8d7cc76f730f256df927

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 524KB - Virtual size: 523KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 524KB - Virtual size: 523KB

.rsrc
Size: 4KB - Virtual size: 3KB