a7bf57b85b939b04aa149eb1bce2c668_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7bf57b85b939b04aa149eb1bce2c668_JaffaCakes118
Size

408KB
MD5

a7bf57b85b939b04aa149eb1bce2c668
SHA1

2e2514f84caa7b7368ac1e231a85c9b3cbb9bd18
SHA256

960809b91f1c755bbcb1e7760846aa3ece745a2aad24242c4adf99b8ebaf022c
SHA512

7bad39db4381ea8221ad8abd485c7973997fcc17d6f7ee1764f1de3700f191ec9da0abd28601f5c965bf045baceb331007dbb3f59b2a54b732764c65c36bbe09
SSDEEP

3072:Yi/2rJj9N2I7VHqjDwuZQhUvFPulIUTRSMA/r4uAar6PUfjdjjxYoc/8ecss3:YJZHq3QhUdII2Ar/r4uAJUfjpxVefs3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7bf57b85b939b04aa149eb1bce2c668_JaffaCakes118

Files

a7bf57b85b939b04aa149eb1bce2c668_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0814387ea72356a1ac53d5f07f2dfc24

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
DeleteFileA
OutputDebugStringA
IsBadReadPtr
HeapValidate
CompareStringW
CompareStringA
SetEnvironmentVariableA
LCMapStringA
SetEndOfFile
LCMapStringW
GetACP
GetCPInfo
GetOEMCP
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
CreateFileA
FlushFileBuffers
MultiByteToWideChar
VirtualAlloc
HeapReAlloc
SetStdHandle
SetConsoleCtrlHandler
GetLastError
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
SetCurrentDirectoryA
GetProcAddress
LoadLibraryA
InterlockedIncrement
IsBadWritePtr
RtlUnwind
HeapAlloc
CloseHandle
ReadFile
SetFilePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree

user32

SetDlgItemTextA
MessageBoxA
CharNextA
ReleaseDC
GetDlgItemTextA
SendDlgItemMessageA
GetFocus
GetDC
DefWindowProcA
GetDlgCtrlID
PostQuitMessage
SetWindowTextA
LoadAcceleratorsA
CreateDialogParamA
GetMessageA
ShowWindow
SetTimer
DispatchMessageA
TranslateAcceleratorA
TranslateMessage

gdi32

CreateFontA
TextOutA
SetTextColor
SetBkColor
DeleteObject
SelectObject

Sections

.text
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.zwt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0814387ea72356a1ac53d5f07f2dfc24

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 260KB - Virtual size: 256KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 32KB - Virtual size: 2.6MB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 76KB - Virtual size: 74KB

.reloc Size: 16KB - Virtual size: 14KB

.zwt Size: 4KB - Virtual size: 4KB

.text
Size: 260KB - Virtual size: 256KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 32KB - Virtual size: 2.6MB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 76KB - Virtual size: 74KB

.reloc
Size: 16KB - Virtual size: 14KB

.zwt
Size: 4KB - Virtual size: 4KB