a8b3dd1b154019f3db25c0aff9919b33_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a8b3dd1b154019f3db25c0aff9919b33_JaffaCakes118
Size

550KB
MD5

a8b3dd1b154019f3db25c0aff9919b33
SHA1

ab07866ea41795f4d1b29d15bc72b1b9ae0dfaa7
SHA256

b4dcf9551f28445a8ab1f8b5530353a21e5c5d781e95159f4c19dab621394ddd
SHA512

c590bb94ca9065df3c1d8ecb6b5699199f921adf15765e068e24972432f017297f56a1bfbd0ab94fe4a7523afdc89dcd8e86decb85e0cd64664e38e848f48308
SSDEEP

12288:Oz5/sqABWju9BjYCn+W7OPn5yhUoKIPe0g2Asst2:Ot/3aBkC37e5iNOQgt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8b3dd1b154019f3db25c0aff9919b33_JaffaCakes118

Files

a8b3dd1b154019f3db25c0aff9919b33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa1f473b4f7441a496d2c20b8d569ec2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_SetIconSize
CreateStatusWindowW
ImageList_Write
CreatePropertySheetPageW
InitCommonControlsEx
CreatePropertySheetPage
ImageList_DrawEx
ImageList_SetFilter

kernel32

GetTimeZoneInformation
OpenMutexW
HeapFree
GetCurrentProcess
GetStartupInfoA
CloseHandle
GetSystemInfo
WritePrivateProfileStructW
HeapCreate
CompareStringA
VirtualFree
GetProcAddress
EnumCalendarInfoExA
GetFileTime
OpenMutexA
WideCharToMultiByte
GetEnvironmentStringsW
TlsSetValue
FlushFileBuffers
GetTickCount
GetSystemTimeAsFileTime
HeapSize
IsValidCodePage
GetModuleHandleA
LoadLibraryA
FreeEnvironmentStringsW
LCMapStringW
CreateFileW
HeapReAlloc
GetLastError
UnhandledExceptionFilter
lstrcatA
OpenWaitableTimerW
EnumSystemLocalesA
OpenFileMappingA
HeapAlloc
DeleteFiber
WriteFile
SetFilePointer
CompareStringW
SetEvent
GetLocaleInfoA
CreateFileMappingW
TlsAlloc
TlsGetValue
InitializeCriticalSection
VirtualQuery
GetCurrentThreadId
FreeEnvironmentStringsA
InterlockedExchange
SetEnvironmentVariableA
GetCommandLineA
SetConsoleCursorInfo
GetTimeFormatA
LCMapStringA
LeaveCriticalSection
GetACP
SetStdHandle
VirtualProtect
HeapDestroy
IsValidLocale
GetCurrentThread
GetUserDefaultLCID
FindClose
TerminateProcess
GetEnvironmentStrings
DeleteCriticalSection
GetFileType
GetCurrentDirectoryW
GetStdHandle
EnterCriticalSection
GetVersionExA
TlsFree
GetCurrentProcessId
QueryPerformanceCounter
SetLastError
MultiByteToWideChar
ReadFile
CreateMutexA
RtlUnwind
PulseEvent
FindResourceW
ExitProcess
GetCPInfo
VirtualAlloc
GetLocaleInfoW
GetOEMCP
SetHandleCount
GetStringTypeW
GetDateFormatA
GetModuleFileNameA
FindFirstFileW
GetStringTypeA
IsBadWritePtr

user32

DestroyWindow
RegisterClassA
RealChildWindowFromPoint
OemToCharBuffA
RegisterClassExA
GetCapture
ExcludeUpdateRgn
GetMenuItemCount
WindowFromPoint
DefWindowProcW
MessageBoxA
GetForegroundWindow
CreateWindowExW
GetUpdateRgn
TrackPopupMenu
wvsprintfW
EnumWindows
ShowWindow

Sections

.text
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa1f473b4f7441a496d2c20b8d569ec2

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 324KB - Virtual size: 324KB

.rdata Size: 53KB - Virtual size: 58KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 71KB - Virtual size: 71KB

.text
Size: 324KB - Virtual size: 324KB

.rdata
Size: 53KB - Virtual size: 58KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 71KB - Virtual size: 71KB