a7f9fa1611f9797d1530e4c072008139_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7f9fa1611f9797d1530e4c072008139_JaffaCakes118
Size

549KB
MD5

a7f9fa1611f9797d1530e4c072008139
SHA1

8843d068f4b1cf2cc547afe28fdb11efd1e0d7e5
SHA256

24dee34d8975164caedd6dec49a9c05e783f6da47d28a80d19d8d8f23722658f
SHA512

07a50d24244a73b51a6c191c356c7f7269a5a355a2879fec69eaafb5047e357d6abc6675c87e9718c02a33ef4192a2eff18b2d4f4c8d6c519248a5ca0dac84cd
SSDEEP

12288:m7XnFbZn8FvIcdLmRC9HRE0AxxWbgOQjRXDw5xWlmvOOnl:m7TaIc9mRC9HRE0A3WbgfDwD7OE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7f9fa1611f9797d1530e4c072008139_JaffaCakes118

Files

a7f9fa1611f9797d1530e4c072008139_JaffaCakes118
.exe windows:4 windows x86 arch:x86

928ce4dc29b4e4efcab768d7e7482b84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgW
GetOpenFileNameA

comctl32

InitCommonControlsEx

kernel32

GetCPInfo
InterlockedExchange
ExitProcess
LeaveCriticalSection
VirtualQuery
GetModuleHandleW
MultiByteToWideChar
GetStartupInfoA
GetConsoleCP
WideCharToMultiByte
DeleteCriticalSection
FreeEnvironmentStringsA
GetACP
CreateFileA
GetTimeZoneInformation
SetHandleCount
FlushFileBuffers
IsValidCodePage
SetConsoleCtrlHandler
GetProcAddress
TlsGetValue
TerminateProcess
GetCurrentThreadId
RemoveDirectoryA
GetCurrentThread
HeapAlloc
InitializeCriticalSectionAndSpinCount
SetStdHandle
EnumSystemLocalesA
GetCurrentProcessId
WriteFile
CompareStringW
CreateMutexA
GetModuleFileNameA
HeapReAlloc
GetStdHandle
LoadLibraryA
VirtualFree
GetLocaleInfoA
EnterCriticalSection
InterlockedDecrement
GetConsoleOutputCP
TlsFree
TlsSetValue
GetLocaleInfoW
LCMapStringA
IsDebuggerPresent
GetConsoleMode
GetCurrentProcess
TlsAlloc
FreeEnvironmentStringsW
GetFileType
SetLastError
HeapDestroy
WriteConsoleA
GetLastError
RtlUnwind
CloseHandle
GetUserDefaultLCID
GetTickCount
ReadFile
GetCommandLineA
SetFilePointer
GetEnvironmentStringsW
WriteConsoleOutputA
GetStringTypeA
FreeLibrary
GetEnvironmentStrings
GetStringTypeW
WriteConsoleW
QueryPerformanceCounter
GetTimeFormatA
LCMapStringW
GetModuleHandleA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
HeapFree
HeapSize
GetDateFormatA
Sleep
HeapCreate
SetEnvironmentVariableA
GetOEMCP
VirtualAlloc
UnhandledExceptionFilter
IsValidLocale
InterlockedIncrement
OpenMutexA
CompareStringA

user32

CreateIconFromResource
GetForegroundWindow
UnregisterClassA
DdeNameService
EnumDisplaySettingsExA
GetShellWindow
EnumWindowStationsW
SetCursorPos
RegisterClassA
RegisterClassExA
SetDeskWallpaper
IsCharLowerA
ShowScrollBar
SubtractRect
LoadKeyboardLayoutA
DdeQueryStringW
GetMessageW
RegisterDeviceNotificationA
UnregisterDeviceNotification
GetMessageA
DispatchMessageA
EndMenu
DdeFreeDataHandle
SetTimer
EnumDisplayDevicesW
CallNextHookEx
DestroyWindow

Sections

.text
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

928ce4dc29b4e4efcab768d7e7482b84

Headers

File Characteristics

Imports

comdlg32

comctl32

kernel32

user32

Sections

.text Size: 381KB - Virtual size: 381KB

.rdata Size: 47KB - Virtual size: 53KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 381KB - Virtual size: 381KB

.rdata
Size: 47KB - Virtual size: 53KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 11KB - Virtual size: 11KB