a5bfb1d492072ae359f97d6427e86cfd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a5bfb1d492072ae359f97d6427e86cfd_JaffaCakes118
Size

502KB
MD5

a5bfb1d492072ae359f97d6427e86cfd
SHA1

83a47021ad97207e4b5f232b722d218fe4b2693c
SHA256

a5ceb1600674c44bcf6528340cb3b3b06f1ea9d65862c242dad7a9b9bd36a9ae
SHA512

ccd500a5c0372f5f5ba05bee32c94860894100f7d360444c66136c1dfd4a6e1dc0aca4dc790dec85ec2e43be61066f469ce2dec6f6150f1d85f30ca7ef1661b1
SSDEEP

12288:Xuyxg0nm7ZUd940NCcxLB39OXFuyikpUI:adq9b39OVuRkK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5bfb1d492072ae359f97d6427e86cfd_JaffaCakes118

Files

a5bfb1d492072ae359f97d6427e86cfd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd4f62ea2fc7368f5d2975579d7c6ba6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
EndPaint
SwitchDesktop
IsCharAlphaNumericA
ScrollDC
SetPropA
RegisterWindowMessageW
wsprintfA
SetWindowsHookA
PeekMessageA
RegisterClassExA
GetDC
IsClipboardFormatAvailable
LoadMenuIndirectA

kernel32

GetCommandLineA
DeleteCriticalSection
LoadLibraryA
CloseHandle
CreateMutexA
GetCommandLineW
FlushFileBuffers
TlsSetValue
GetLocaleInfoW
GetTimeFormatA
VirtualFree
CompareStringW
HeapAlloc
FreeEnvironmentStringsA
EnumSystemLocalesA
EnterCriticalSection
MultiByteToWideChar
GetStringTypeA
HeapSize
UnhandledExceptionFilter
WriteFile
GetTickCount
GetProcAddress
GetCurrentThread
SetStdHandle
GetModuleHandleA
GetLastError
QueryPerformanceCounter
RtlUnwind
GetTimeZoneInformation
OpenMutexA
WideCharToMultiByte
LCMapStringA
SetLastError
VirtualQuery
lstrcpynW
LeaveCriticalSection
SetFilePointer
TlsFree
GetSystemTimeAsFileTime
SetConsoleTextAttribute
GetACP
VirtualProtect
GetCalendarInfoW
GetOEMCP
GetUserDefaultLCID
IsValidLocale
FormatMessageA
HeapDestroy
TlsGetValue
GetStringTypeW
RtlMoveMemory
GetWindowsDirectoryW
GetDateFormatA
TerminateProcess
GetVersionExA
GetModuleFileNameA
GetCPInfo
SetHandleCount
InitializeCriticalSection
EnumResourceNamesW
VirtualAlloc
GetLocalTime
SetCurrentDirectoryW
GetEnvironmentStrings
GetStartupInfoW
GlobalUnlock
HeapReAlloc
IsBadWritePtr
ExitProcess
GetCurrentThreadId
FreeEnvironmentStringsW
GetStartupInfoA
GetModuleFileNameW
GetStdHandle
InterlockedExchange
GetFileType
CompareStringA
IsValidCodePage
GetEnvironmentStringsW
GetCurrentProcessId
CreatePipe
GetLocaleInfoA
ReadFile
GetCurrentProcess
HeapCreate
TlsAlloc
SetEnvironmentVariableA
LCMapStringW
GetSystemInfo
SetConsoleMode
HeapFree
GetDriveTypeA

comctl32

InitCommonControlsEx

Sections

.text
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd4f62ea2fc7368f5d2975579d7c6ba6

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 333KB - Virtual size: 333KB

.rdata Size: 45KB - Virtual size: 65KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 333KB - Virtual size: 333KB

.rdata
Size: 45KB - Virtual size: 65KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 17KB - Virtual size: 16KB