94e673a8af4dc27f8dc05413a1711f2c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94e673a8af4dc27f8dc05413a1711f2c_JaffaCakes118
Size

400KB
MD5

94e673a8af4dc27f8dc05413a1711f2c
SHA1

28f0cffc0dc7f63a5d84ca1207f8f6669694100b
SHA256

8a7cc818cd9d7732ebf97377c0967688dd251581f36250787251a2c25f484e61
SHA512

1e970adf6c90279ed8b856f6b98b9fa39ecc57df8e43f25a1a856e1d342a4d83fad2d698b099aa87a4874e7ae41f286b8f3c665ae4d0a884eca6ffe70a332d00
SSDEEP

6144:Z+IkmWBjqg3uQuo+mTSjX1NK89sRM7vrO0PRaIkcy9Jom+5u0HUN:Om02g3uGTSjX2qzQcIP0HUN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94e673a8af4dc27f8dc05413a1711f2c_JaffaCakes118

Files

94e673a8af4dc27f8dc05413a1711f2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bb1d2b197eb4e2d63a556c465dcb0b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetDIBitsToDevice
GetMiterLimit
WidenPath
Pie
GetDIBColorTable
PtInRegion

kernel32

GetNamedPipeHandleStateW
CreateDirectoryExW
GetStringTypeW
QueryPerformanceCounter
TerminateProcess
InterlockedExchange
LocalFree
CompareStringW
GetShortPathNameA
GetLastError
GetCurrentThreadId
GetStdHandle
GetCPInfo
WriteConsoleW
GetCurrentProcessId
SetHandleCount
Sleep
HeapReAlloc
CloseHandle
UnhandledExceptionFilter
FillConsoleOutputCharacterW
CreateWaitableTimerW
CompareStringA
ConnectNamedPipe
FreeLibrary
CreateRemoteThread
LCMapStringA
InterlockedIncrement
GetEnvironmentStringsW
WriteFile
GetConsoleMode
GlobalFix
GetUserDefaultLCID
RtlUnwind
CreateFileMappingA
GetFileType
WriteConsoleA
SetLastError
WideCharToMultiByte
EnterCriticalSection
VirtualFree
GetCurrentProcess
SetFilePointer
lstrcatA
SetComputerNameW
HeapAlloc
GetModuleHandleA
TlsFree
GetStringTypeA
EnumResourceTypesA
SetConsoleCtrlHandler
GetConsoleOutputCP
SetEnvironmentVariableA
EnumSystemLocalesA
GetModuleFileNameA
LocalSize
InterlockedDecrement
OpenMutexA
GetLocaleInfoA
VirtualAlloc
SetUnhandledExceptionFilter
IsDebuggerPresent
FlushFileBuffers
IsValidLocale
EnumCalendarInfoW
HeapDestroy
TlsAlloc
HeapCreate
GetConsoleCP
GetCurrentThread
HeapFree
ReadFile
GlobalAddAtomA
SetStdHandle
GetCommandLineA
VirtualQuery
IsValidCodePage
DeleteCriticalSection
FreeEnvironmentStringsA
TlsSetValue
GetLocaleInfoW
ExitProcess
InitializeCriticalSection
GetTimeFormatA
CreateFileA
GetSystemTimeAsFileTime
FindClose
GetProcessHeap
GetCurrencyFormatA
GetEnvironmentStrings
LoadLibraryA
GetDateFormatA
CreateMutexA
GetOEMCP
GetVersionExA
GetACP
GetModuleHandleW
LocalLock
HeapSize
GetStartupInfoA
GetTimeZoneInformation
ExpandEnvironmentStringsA
LeaveCriticalSection
GetProcAddress
FreeEnvironmentStringsW
MultiByteToWideChar
GetTickCount
TlsGetValue
LCMapStringW

comctl32

InitCommonControlsEx

user32

RegisterClassA
BeginPaint
EndDeferWindowPos
GetScrollRange
CharToOemBuffA
DdeQueryStringW
GetAltTabInfo
DefDlgProcW
CreateMDIWindowW
ShowCaret
RegisterClassExA
EnumDesktopsW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bb1d2b197eb4e2d63a556c465dcb0b6

Headers

File Characteristics

Imports

gdi32

kernel32

comctl32

user32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 10KB - Virtual size: 22KB

.data Size: 210KB - Virtual size: 210KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 10KB - Virtual size: 22KB

.data
Size: 210KB - Virtual size: 210KB

.rsrc
Size: 6KB - Virtual size: 6KB