acca0e9b3f966471854b13243bbd7e52_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

acca0e9b3f966471854b13243bbd7e52_JaffaCakes118
Size

492KB
MD5

acca0e9b3f966471854b13243bbd7e52
SHA1

fccead22bb2d87f2f789ebd9f50335a441d14ef2
SHA256

98025b6fe817ee70d2b09ea2b526b9dc507ac05bd9bbfae1f01b67eea980804b
SHA512

83206e5007234c6026a49494455d4aee71af53bc49c8b316042722b4383a1ec637e178d8b6b1de19071cbb60f52bdf2bb6d38379c9dd2f4482397e44a9f4652c
SSDEEP

12288:Mx75Poz29QgrEjHTV9g9LkvK6PyMzXFXfpWdvdknVZ9epaDw:zC9QAEjHTVPvK4tMCVCaDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acca0e9b3f966471854b13243bbd7e52_JaffaCakes118

Files

acca0e9b3f966471854b13243bbd7e52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0b3111a453caba802f3c6617c478109

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
WriteFile
GetVersionExA
LeaveCriticalSection
GetThreadPriority
IsValidCodePage
RtlUnwind
OpenSemaphoreA
GetProcessHeap
SetHandleCount
GetSystemTimeAsFileTime
LCMapStringW
GetCurrentProcess
GetVersionExW
SetUnhandledExceptionFilter
HeapAlloc
TlsAlloc
GetDateFormatA
GetUserDefaultLCID
TlsGetValue
CompareStringW
HeapDestroy
GetACP
DeleteCriticalSection
GetLastError
EnumSystemLocalesA
GetCurrentThreadId
EnumCalendarInfoExW
LCMapStringA
OpenMutexA
GetStdHandle
SetFilePointer
SetConsoleCtrlHandler
GetFileType
QueryPerformanceCounter
VirtualFree
CloseHandle
CreateMutexA
HeapCreate
GetModuleHandleA
TlsFree
InterlockedDecrement
WriteConsoleA
SetEnvironmentVariableA
HeapSize
VirtualQuery
GetProcAddress
InterlockedExchange
GetStringTypeA
UnhandledExceptionFilter
SetStdHandle
IsValidLocale
HeapFree
FlushFileBuffers
GetTimeZoneInformation
GetTimeFormatA
Sleep
GetTickCount
HeapReAlloc
IsDebuggerPresent
GetModuleFileNameA
GetConsoleOutputCP
GetConsoleCP
FlushInstructionCache
GetCurrentProcessId
GetConsoleMode
GetLocaleInfoA
TlsSetValue
GetCPInfo
TerminateProcess
CompareStringA
GetModuleFileNameW
GetStartupInfoW
LoadLibraryA
ReadFile
EnterCriticalSection
GetCurrentThread
SetFileAttributesW
GetStartupInfoA
GetOEMCP
GetCommandLineW
GetLocaleInfoW
GetStringTypeW
InterlockedIncrement
CreateWaitableTimerA
GetEnvironmentStrings
WideCharToMultiByte
SetLastError
FreeEnvironmentStringsW
VirtualAlloc
CreateFileA
GetEnvironmentStringsW
InitializeCriticalSection
TerminateThread
ExitProcess
SetConsoleOutputCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeLibrary
GetCommandLineA

comctl32

InitCommonControlsEx

user32

ShowCursor
GetWindowTextA
RegisterClassExA
GetListBoxInfo
WINNLSGetIMEHotkey
RegisterClipboardFormatA
wsprintfA
MoveWindow
DdeInitializeA
RegisterClassA
EnumWindowStationsA

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0b3111a453caba802f3c6617c478109

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 9KB - Virtual size: 17KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 9KB - Virtual size: 17KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 6KB - Virtual size: 5KB