95bb38c47a9f9c5134e01a25a196b32a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

95bb38c47a9f9c5134e01a25a196b32a_JaffaCakes118
Size

89KB
MD5

95bb38c47a9f9c5134e01a25a196b32a
SHA1

e049b3fac5cbf0da5d60970a4ef984b0c77cfd23
SHA256

6e3117177222e5c022ea5559cbfc21b26cc7df1a6c61b8797da6bfa51e317a7c
SHA512

0dff6234a12ea5ee5f3d3d17d9227da099c0584fdeed560a0ec17b2ad2db37ae68568dd8ac1df7472f1fff21c3ff09227f4ec5348dd685866124a9ac45bdf274
SSDEEP

1536:FaSFZ6cvAb+vMqxa4WFKJz8V4CEtHsHiCQFkrPzJhHKeNYPEsgAEPa:Fa4t4qvxWc8c2CCQe34EsgAEPa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95bb38c47a9f9c5134e01a25a196b32a_JaffaCakes118

Files

95bb38c47a9f9c5134e01a25a196b32a_JaffaCakes118
.exe windows:1 windows x86 arch:x86

cb44421a79a405808a754325fe82c579

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetLocaleInfoW
CreateMutexA
MapViewOfFile
GlobalFree
RemoveDirectoryA
lstrlenA
GetSystemDefaultLCID
GetSystemTimeAsFileTime
LoadLibraryA
GetStringTypeW
GetCPInfo
DeleteCriticalSection
CreateDirectoryA
VirtualAlloc
GetCurrentThreadId
GetFullPathNameA
SetThreadPriority
GetFileType
GetSystemDefaultLangID
VirtualFree
InterlockedDecrement
SetThreadLocale
SystemTimeToFileTime
MultiByteToWideChar
ExpandEnvironmentStringsW
FreeResource
GetCommandLineA
LockFile
GetLocalTime
EnterCriticalSection
CreateDirectoryW
GetTickCount
WriteConsoleA
GlobalDeleteAtom
GetStartupInfoW
LeaveCriticalSection
CreateEventA
HeapFree

user32

IsDialogMessageA
LoadIconW
SetWindowLongA
MessageBoxA
DestroyWindow
GetScrollPos
DefWindowProcA
SetWindowPos
GetTopWindow
RegisterWindowMessageW
CallWindowProcW
CloseClipboard
ReleaseCapture
RedrawWindow
GetMessageW
CharUpperW
GetClassNameA
SendMessageA
CreateWindowExA
SetDlgItemTextA
IsWindow
DrawEdge
ScreenToClient
DestroyIcon
MoveWindow
SetPropW
GetDlgCtrlID
DialogBoxParamW
SetClipboardData
PeekMessageW
CharUpperA
TranslateMessage

msvcrt

__dllonexit
??0exception@@QAE@XZ
__wgetmainargs
??2@YAPAXI@Z
__setusermatherr
strncmp
__set_app_type
wcsncmp
iswdigit
exit
??1exception@@UAE@XZ
__p__commode
__getmainargs

advapi32

GetLengthSid
RegEnumKeyExA
EqualSid
DeregisterEventSource

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb44421a79a405808a754325fe82c579

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 32KB - Virtual size: 148KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 32KB - Virtual size: 148KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB