ad151bd15fdca6f54393d1d214e2b891_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ad151bd15fdca6f54393d1d214e2b891_JaffaCakes118
Size

194KB
MD5

ad151bd15fdca6f54393d1d214e2b891
SHA1

08ef2bca06befc4f0366911dda9872e248fb4852
SHA256

83645d3457939a8577ecad281eaa3d2d592b8a6779ec6cc6010a1a0251375de0
SHA512

22dfbbb98ac2f7fb2b7ea765d572f61ab0f45250ab38b6112de1d0bf9ea6f6929ac954011780cb6582cfb19e460b858f38d1ce1c4d81a77c51a8d0ed7a11fcaa
SSDEEP

6144:CKBqWNnTTQ3IGHaKsY1mBv6rTulnlUxAQD/h2R:CWnT7qaT6X+lmDZ2R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad151bd15fdca6f54393d1d214e2b891_JaffaCakes118

Files

ad151bd15fdca6f54393d1d214e2b891_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7ee0839e80f679f5bd8390ae52374a3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
GetModuleHandleA
GetVersionExA
QueryPerformanceFrequency
CreateFileMappingW
GetEnvironmentStrings
GetSystemDefaultLangID
InterlockedIncrement
WaitForSingleObject
FindNextFileW
GetOEMCP
InterlockedCompareExchange
GetCommandLineA
DeleteFileW
CreateMutexA
HeapDestroy
GetTimeFormatW
GetPrivateProfileStringW
GetSystemDefaultLCID
CreateProcessA
CreateFileA
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
VirtualAlloc
LoadResource
GetSystemInfo
GetFileType
LoadLibraryW
LeaveCriticalSection
GetProcAddress
OutputDebugStringA
lstrcmpA
GlobalUnlock
MultiByteToWideChar
LoadLibraryA
Sleep
TerminateProcess
GetLocaleInfoA
SetUnhandledExceptionFilter
SetCurrentDirectoryA
GetLastError
GetCurrentThreadId
SetFilePointer
LoadLibraryExW
GetCommandLineW
CreateThread
SetThreadPriority
CloseHandle
GetCurrentProcessId
VirtualProtect
GlobalLock
GetEnvironmentStringsW
LCMapStringA
FileTimeToSystemTime
HeapAlloc
WideCharToMultiByte
UnlockFile
GetSystemTimeAsFileTime
InterlockedDecrement
RtlUnwind
GetEnvironmentVariableW
FreeEnvironmentStringsA
FreeLibrary
lstrlenW
SetLastError
LocalFree
VirtualFree
VirtualQuery
LocalAlloc
GetACP
RaiseException
DeleteCriticalSection
GetWindowsDirectoryA
GetStringTypeW
HeapFree
UnhandledExceptionFilter
TlsAlloc
ExitProcess

msvcrt

?what@exception@@UBEPBDXZ
_vsnwprintf
__set_app_type
??0exception@@QAE@ABQBD@Z
memset
_adjust_fdiv
_onexit
memmove
_initterm
_wtoi
malloc

user32

SetFocus
GetWindowPlacement
DispatchMessageW
IsDialogMessageW
GetActiveWindow
GetMenuItemID
EnumThreadWindows
GetWindowRect
RegisterWindowMessageA
LoadCursorA
GetMenuItemCount
ShowWindow
SetWindowTextA
TrackPopupMenu
EqualRect
SetParent
PostMessageW
IsRectEmpty
UnhookWindowsHookEx
EndDialog
SendDlgItemMessageW
GetCursorPos

ole32

CoTaskMemFree
CoInitialize

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1016KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ee0839e80f679f5bd8390ae52374a3b

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 3KB - Virtual size: 9KB

.idata Size: 36KB - Virtual size: 36KB

.data Size: 512B - Virtual size: 1016KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 84B

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 3KB - Virtual size: 9KB

.idata
Size: 36KB - Virtual size: 36KB

.data
Size: 512B - Virtual size: 1016KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 84B