a7cd928376ea85bd0721ced391b38970_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7cd928376ea85bd0721ced391b38970_JaffaCakes118
Size

181KB
MD5

a7cd928376ea85bd0721ced391b38970
SHA1

7ce275ab3d50188bc8579c3e162680c3aa7e3612
SHA256

40ac998bbe9b128556da8dac424d2052736495c198e48f8647b3c63c4281e6a6
SHA512

6c185fbb1602ec1035f5ceb79227b8013c337e50cedc45940b5db0b24aac3a08f23e0a5d8092e3b4da3e3d90f4b42b675647cd920770f421043997b5f450e9e2
SSDEEP

3072:OL7dWs6S9u/Ecv8Xs6xLuVeb9Ev9Db6KU5hvxVpU44mk/PhwY3Gril5B+FsSNN5c:+J+EcU5uVeb9+9Dovnp/zsPyY3GriLBc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7cd928376ea85bd0721ced391b38970_JaffaCakes118

Files

a7cd928376ea85bd0721ced391b38970_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4243a8494158bb6a7911dd8ff57abc1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

wsprintfW
CharNextA
MonitorFromWindow
CharNextW

advapi32

CryptGetHashParam
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptReleaseContext
CryptDestroyHash

kernel32

QueryPerformanceCounter
CopyFileA
HeapReAlloc
CreateFiberEx
DebugBreak
FindResourceExW
GlobalLock
SetLastError
GetCurrentDirectoryW
LocalFree
GetVersionExW
GetCommandLineW
InterlockedExchange
lstrcmpiA
GetProcAddress
UpdateResourceW
GetProcessHeap
_lwrite
CloseHandle
LoadLibraryExW
MoveFileW
UnhandledExceptionFilter
EnumResourceLanguagesW
FindFirstFileA
GetFileAttributesA
GlobalFree
EscapeCommFunction
GetSystemDirectoryA
GetFullPathNameW
SetUnhandledExceptionFilter
FindFirstFileW
TerminateProcess
HeapDestroy
ReadFile
UnmapViewOfFile
DeleteFileW
GetFileAttributesW
GetModuleHandleW
_lclose
HeapSize
FindNextFileW
FreeResource
FindResourceW
DeleteFileA
SetFilePointer
LoadLibraryExA
GlobalUnlock
lstrlenA
GetCurrentProcess
GlobalAlloc
FormatMessageW
LoadLibraryA
GetCurrentProcessId
SizeofResource
EndUpdateResourceW
CreateDirectoryW
lstrlenW
InitializeCriticalSection
CreateFileW
InterlockedCompareExchange
CreateDirectoryA
CopyFileW
EnumResourceNamesA
AreFileApisANSI
GetVersionExA
GetEnvironmentVariableA
InterlockedDecrement
GetTempFileNameW
GetStringTypeExW
GetOEMCP
GetVersion
LeaveCriticalSection
SetEndOfFile
FatalExit
GetCurrentThreadId
CreateFileA
CreateFileMappingA
IsDebuggerPresent
LoadResource
SetFileAttributesA
BeginUpdateResourceW
FindClose
GetFileSize
GetFullPathNameA
WriteFile
HeapFree
HeapAlloc
GetACP
GetSystemTimeAsFileTime
FindNextFileA
GetLastError
WideCharToMultiByte
GetFileInformationByHandle
GetTickCount
OutputDebugStringA
MultiByteToWideChar
LockResource
_llseek
FreeLibrary
Sleep
GetThreadLocale
EnumResourceNamesW
MapViewOfFile
RemoveDirectoryW
EnterCriticalSection
SetFileAttributesW
ExitProcess
EnumResourceTypesW
DeleteCriticalSection
GetTempPathW
RaiseException
RemoveDirectoryA
InterlockedIncrement
GetLocaleInfoA
_lread
lstrcpyA

msvfw32

ICInfo

shell32

CommandLineToArgvW

imagehlp

ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData

psapi

GetProcessMemoryInfo

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4243a8494158bb6a7911dd8ff57abc1f

Headers

File Characteristics

Imports

user32

advapi32

kernel32

msvfw32

shell32

imagehlp

psapi

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 20KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 20KB

.lib
Size: 512B - Virtual size: 76KB