a5c3cb70961ce80ba04b334590b67570_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5c3cb70961ce80ba04b334590b67570_JaffaCakes118
Size

390KB
MD5

a5c3cb70961ce80ba04b334590b67570
SHA1

53e541532d519dc8ad099cdd7416fc5f9f72c3c5
SHA256

f27fe949bfd5597f8484b54c7803d72f1504ee2b463535107e0a6f1369cf5b9c
SHA512

517199faf8c040c422a95e04a9ac800fa64a2f3e2b8f70b594e66844892cdb4733b1f5fa0be239c5523bdd5d1cc59a9d7f3d588a7855b408a2101a80396ebec8
SSDEEP

6144:QAugtoJ4NHZA3XqW+uTGMPjwTJh8ZqrgLXHuWtjamUvoDojHPUMTjGo3:ag2J4N16VPjwdh88+OWhBeoAvZTD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5c3cb70961ce80ba04b334590b67570_JaffaCakes118

Files

a5c3cb70961ce80ba04b334590b67570_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a4d6a397dec5de0bdb2fa6250fd429b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
ResumeThread
CreateFileA
LoadLibraryA
GetLastError
VirtualFree
VirtualAlloc
GetModuleHandleA
GetSystemTime
Sleep
ReadFile
FlushViewOfFile
MapViewOfFile
GetFileSize
GlobalFree
LocalAlloc
WriteFile
GlobalAlloc
FindClose
FindNextFileA
FreeLibrary
EndUpdateResourceA
UpdateResourceA
SizeofResource
BeginUpdateResourceA
LockResource
LoadResource
HeapAlloc
SuspendThread
FreeResource
VirtualProtect
GetProcAddress
SetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
ExitProcess
CreateThread
CloseHandle
HeapFree
CopyFileA
WaitForMultipleObjects
GetCurrentProcess
TerminateProcess
HeapReAlloc
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA

user32

CreateWindowExA
GetClientRect
DefWindowProcA
GetIconInfo
GetDC
GetDesktopWindow
IsWindow
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
CopyImage
DrawIcon
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadStringA
LoadAcceleratorsA
ReleaseDC

gdi32

CreatePenIndirect
CreateCompatibleBitmap
GetDIBits
GetObjectA
DeleteObject

ole32

CoCreateInstance
CoUninitialize

lz32

GetExpandedNameA

pdh

PdhAddCounterA
PdhOpenQueryA
PdhCollectQueryData

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9a4d6a397dec5de0bdb2fa6250fd429b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

lz32

pdh

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 172KB - Virtual size: 692KB

.rsrc Size: 4KB - Virtual size: 3KB

.sdata Size: 142KB - Virtual size: 142KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 172KB - Virtual size: 692KB

.rsrc
Size: 4KB - Virtual size: 3KB

.sdata
Size: 142KB - Virtual size: 142KB