a9435b664aa12cba78758833288f7129_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9435b664aa12cba78758833288f7129_JaffaCakes118
Size

180KB
MD5

a9435b664aa12cba78758833288f7129
SHA1

c6a4f4b6a8d44834e9b3a9b69512c1fc1a11c780
SHA256

e6310d2dacb10c6a4e0576fec9d3001adc5d8f15920f678a3d048cfb3e622556
SHA512

e7a31185451ad5c61c9ad4b027799bbc3227e57b24501dd2de406519e3f2d6d224f986442845cd2005cfa0cb44d5b733bb9b4ef3e758ed50ce87381f398a6305
SSDEEP

3072:MWc+yrLZ+R2EU2y/qAb52U+Cwuk73E1S2iSwA+NL68BMXY9SbcmlLlQFkNt0RNOG:MMynZ+RdUYAbGCO76S5zy8B5zuZQFAwd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9435b664aa12cba78758833288f7129_JaffaCakes118

Files

a9435b664aa12cba78758833288f7129_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ce98d7d2a41c03e9525de81b7d5c0787

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetTimeFormatW
UnhandledExceptionFilter
HeapAlloc
WaitForMultipleObjects
GetCPInfo
FindNextFileA
GetCurrentProcess
GetProcAddress
CreateFileW
CreateThread
RtlUnwind
MulDiv
InitializeCriticalSection
GetACP
SetHandleCount
lstrlenW
LoadLibraryA
GetOEMCP
SetLastError
GlobalMemoryStatus
GetVersionExA
GetCommandLineW
GetShortPathNameW
TlsGetValue
ResetEvent
GetLastError
VirtualFree
SetStdHandle
GetCurrentProcessId
InterlockedIncrement
DeleteCriticalSection
MultiByteToWideChar
SetEnvironmentVariableA
GetCurrentThreadId
GetEnvironmentStrings
GetProcessHeap
CreateMutexA
GlobalUnlock
GetTempPathW
GetStringTypeW
GlobalAlloc
TlsSetValue
InterlockedExchange
GetVersion
GlobalSize
IsBadReadPtr
GetTempFileNameW
HeapFree
lstrcpyA
LCMapStringW
GetModuleHandleA
EnterCriticalSection
FindResourceW
lstrcpyW
GetCommandLineA
CreateFileA
GetFileType
LCMapStringA
GetModuleHandleW
FreeLibrary
UnmapViewOfFile
LockResource
InterlockedCompareExchange
TerminateProcess
FormatMessageW
CreateEventW
GetModuleFileNameA
GetTickCount
GetLocalTime
GetSystemInfo
GetFileSize
GetLocaleInfoA
VirtualProtect
CloseHandle
GetFileTime
lstrlenA
GetStringTypeA
OpenProcess
SizeofResource
SetUnhandledExceptionFilter
HeapSize
lstrcmpiW

gdi32

SelectPalette
DeleteDC
GetStockObject
SaveDC
Rectangle
GetTextExtentPoint32W
SetBkMode
SetWindowExtEx

user32

ShowWindow
PeekMessageW
LoadCursorW
EnumWindows
MessageBoxW
GetWindowRect
SetWindowPos
GetActiveWindow
InflateRect
ReleaseDC
SendDlgItemMessageA
SetWindowsHookExA
GetWindowLongW
SetWindowRgn
SetCapture
LoadMenuW
MessageBeep
PostQuitMessage
SetWindowTextA
IsIconic
GetClientRect
MessageBoxA
FindWindowA
SetForegroundWindow
CreateWindowExW

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce98d7d2a41c03e9525de81b7d5c0787

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 3KB - Virtual size: 8KB

.data Size: 106KB - Virtual size: 1.1MB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 3KB - Virtual size: 8KB

.data
Size: 106KB - Virtual size: 1.1MB

.rsrc
Size: 3KB - Virtual size: 3KB