Static task
static1
Behavioral task
behavioral1
Sample
a7206b13797a8583ec5e0dbbd59e991f_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a7206b13797a8583ec5e0dbbd59e991f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a7206b13797a8583ec5e0dbbd59e991f_JaffaCakes118
Size
181KB
MD5
a7206b13797a8583ec5e0dbbd59e991f
SHA1
94ecbf11346446148be7a9ff86316a9cd83040fe
SHA256
5a40088c6c9458ae693b7761f3cf797995a5f0238ff720b8b668d0c5f0dc10bb
SHA512
d666c695c78173819742e9bb87911af6a874fa7eece1d027503e5990f30b7573b3bfa1650d0c94eef1933680065597b41355d4b2ce81e303def1c623bf00a7fd
SSDEEP
3072:jVaBGoMAI31TrlVkeQ8+Lp5Vq9NnDO7GYbLG1Ycg3N0vWLHhliW2QcE5R0Ll09a+:jqVMDlVc8QHydYXG1Yt90A8W8Bl0
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource a7206b13797a8583ec5e0dbbd59e991f_JaffaCakes118
Files
a7206b13797a8583ec5e0dbbd59e991f_JaffaCakes118.exe windows:4 windows x86 arch:x86
19762e9a16523bb459b774a814e12e28
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
CharNextA
wsprintfW
MonitorFromWindow
CharNextW
psapi
GetProcessMemoryInfo
shell32
CommandLineToArgvW
advapi32
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
CryptDestroyHash
msvfw32
ICInfo
imagehlp
ImageRvaToVa
ImageNtHeader
ImageGetDigestStream
ImageDirectoryEntryToData
kernel32
LoadLibraryA
UpdateResourceW
GlobalLock
CreateFiberEx
GetProcessHeap
GetTempPathW
InitializeCriticalSection
GetFileAttributesW
SetEndOfFile
GetModuleHandleW
BeginUpdateResourceW
WriteFile
MultiByteToWideChar
HeapSize
_lclose
UnhandledExceptionFilter
GetLastError
GetVersion
GetFileSize
InterlockedCompareExchange
RemoveDirectoryW
GetTempFileNameW
CreateFileMappingA
CreateDirectoryW
MoveFileW
FreeResource
LockResource
LoadResource
GetOEMCP
GlobalFree
MapViewOfFile
lstrlenW
GetLocaleInfoA
FindResourceW
DeleteFileA
GetFullPathNameA
EscapeCommFunction
GetFullPathNameW
IsDebuggerPresent
GetCurrentProcess
GetFileInformationByHandle
SetUnhandledExceptionFilter
CloseHandle
FindNextFileA
TerminateProcess
GetACP
GetSystemDirectoryA
GetCommandLineW
InterlockedExchange
EnterCriticalSection
EndUpdateResourceW
SetFilePointer
GetVersionExA
GlobalAlloc
ExitProcess
EnumResourceLanguagesW
EnumResourceNamesA
CopyFileA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetVersionExW
CreateFileW
GetStringTypeExW
AreFileApisANSI
InterlockedDecrement
CopyFileW
OutputDebugStringA
DeleteFileW
DebugBreak
LoadLibraryExW
_lwrite
SizeofResource
Sleep
lstrcmpiA
ReadFile
GetCurrentDirectoryW
FindFirstFileA
HeapDestroy
EnumResourceNamesW
FatalExit
LocalFree
EnumResourceTypesW
GetTickCount
GetCurrentThreadId
UnmapViewOfFile
RaiseException
DeleteCriticalSection
FindFirstFileW
GetEnvironmentVariableA
_llseek
FindResourceExW
HeapAlloc
WideCharToMultiByte
SetLastError
GlobalUnlock
FindClose
LoadLibraryExA
CreateFileA
FindNextFileW
GetProcAddress
SetFileAttributesW
HeapFree
FreeLibrary
lstrlenA
LeaveCriticalSection
RemoveDirectoryA
GetThreadLocale
GetCurrentProcessId
GetFileAttributesA
InterlockedIncrement
_lread
HeapReAlloc
FormatMessageW
CreateDirectoryA
SetFileAttributesA
lstrcpyA
Sections
.text Size: 154KB - Virtual size: 153KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lib Size: 512B - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ