94462b812c7b90300a6804e9fa834ec1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

94462b812c7b90300a6804e9fa834ec1_JaffaCakes118
Size

524KB
MD5

94462b812c7b90300a6804e9fa834ec1
SHA1

5be61c9e7d2c842997582b921c6bdbd6e79f4a47
SHA256

b8102038dc61987d421439770c574cbc0a697dacdaa41425aa144d115e7aa50d
SHA512

cffbd0bf705d79b381d65c9369c38fa4fad684092697fbf81cb35fde98abff09770d09a6e94a013a0cb69d4ffdfaaa8d9e8a6589a05ed54e19e3c85c55193d4a
SSDEEP

12288:TzxIcz0hIrutmLW8m9Wi2XddGSvTnob4lrh7JReiH:TzdAhICmLZmhUddG+obkN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94462b812c7b90300a6804e9fa834ec1_JaffaCakes118

Files

94462b812c7b90300a6804e9fa834ec1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba57aa179f61b2bcedf401c7b092b0d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\nce

Imports

user32

GetWindow
SendDlgItemMessageW
RegisterClassA
ToUnicodeEx
RegisterClassExA

kernel32

HeapDestroy
GetSystemTimeAsFileTime
GetEnvironmentStrings
OpenMutexA
CreateMutexA
GetCommandLineA
LCMapStringA
SetEnvironmentVariableA
GetPrivateProfileSectionNamesA
GetCPInfo
GetStringTypeA
InterlockedExchange
InterlockedIncrement
TlsSetValue
CompareStringW
CompareStringA
GetLastError
GetFileType
UnhandledExceptionFilter
LeaveCriticalSection
RtlUnwind
FlushFileBuffers
HeapCreate
GetCurrentThread
GetModuleFileNameW
GetTimeZoneInformation
HeapAlloc
HeapFree
GlobalCompact
GetTickCount
InitializeCriticalSection
SetFilePointer
SetLastError
MultiByteToWideChar
GetStartupInfoW
SetHandleCount
TerminateProcess
TlsAlloc
TlsFree
VirtualQuery
GetLocalTime
TlsGetValue
GetCurrentProcessId
HeapReAlloc
GetStdHandle
GetSystemTime
VirtualFree
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
EnterCriticalSection
WideCharToMultiByte
WriteFile
InterlockedDecrement
FreeEnvironmentStringsW
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetVersion
CloseHandle
ExitProcess
GetCommandLineW
DeleteCriticalSection
GetStringTypeW
FreeEnvironmentStringsA
ReadFile
VirtualAlloc
SetStdHandle
GetEnvironmentStringsW
LCMapStringW
IsBadWritePtr
QueryPerformanceCounter

comctl32

InitCommonControlsEx

Sections

.text
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba57aa179f61b2bcedf401c7b092b0d4

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 376KB - Virtual size: 375KB

.rdata Size: 19KB - Virtual size: 33KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 376KB - Virtual size: 375KB

.rdata
Size: 19KB - Virtual size: 33KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 23KB - Virtual size: 22KB