a988a327c40133d7fa4521da34e1a35e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a988a327c40133d7fa4521da34e1a35e_JaffaCakes118
Size

511KB
MD5

a988a327c40133d7fa4521da34e1a35e
SHA1

68d41c317489f40bc76d1c1e901220d8fd615ea8
SHA256

3e29027d8617a60a4de7a680ef069963a207c4de039d928a360fb9d6e4c9c544
SHA512

7c61a04467f872ba80260a645feee7b39a4de43e192cbd359ee288240a538a0e7faa0242d05cf06ca36ede45249aa9b6a072c6d0171f11919b0d1cc8f33ed5b1
SSDEEP

12288:ckKvKbTUJHZ+/hsM4uxtoXnT44t5vlSdWo0TlMOYMuLrMI4Eb:ckKvfZntodWo05izb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a988a327c40133d7fa4521da34e1a35e_JaffaCakes118

Files

a988a327c40133d7fa4521da34e1a35e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

477c76bcd3255c78eaa593929b57201e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

TranslateAcceleratorW
SetCapture
DdeGetData
EnableScrollBar
CallMsgFilter
GetMessageW
TranslateMessage
VkKeyScanA
GetMessagePos
RegisterClassExA
IsDialogMessageW
GetClipboardSequenceNumber
RegisterClassA
DefMDIChildProcA
GetQueueStatus
GetTopWindow
SetKeyboardState

kernel32

TlsFree
CompareStringA
FreeEnvironmentStringsW
GetModuleHandleW
SetVolumeLabelA
SetConsoleCtrlHandler
GetStringTypeA
SetStdHandle
TlsSetValue
GetModuleFileNameW
TlsGetValue
GetConsoleOutputCP
VirtualAlloc
GetEnvironmentStringsW
LCMapStringW
HeapSize
GetStartupInfoW
GetCommandLineW
Sleep
EnterCriticalSection
ReadFile
InterlockedIncrement
CreateMutexA
OpenMutexA
GetTimeZoneInformation
SetUnhandledExceptionFilter
HeapAlloc
GetModuleHandleA
CompareStringW
GetACP
InterlockedDecrement
GetStdHandle
GetOEMCP
MultiByteToWideChar
RtlUnwind
CreateFileA
GetLastError
HeapDestroy
GetCurrentProcessId
GetCurrentProcess
LeaveCriticalSection
GetStartupInfoA
FreeLibrary
WriteConsoleW
IsValidLocale
GetSystemTimeAsFileTime
InterlockedExchange
GetTimeFormatA
GetLocaleInfoW
WideCharToMultiByte
FlushFileBuffers
GetConsoleCP
GetCurrentThreadId
TlsAlloc
GetDateFormatA
IsValidCodePage
FillConsoleOutputCharacterA
GetModuleFileNameA
VirtualFree
HeapFree
EnumSystemLocalesA
QueryPerformanceCounter
GetStringTypeW
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
HeapCreate
FindAtomA
GetTickCount
GetCPInfo
GetUserDefaultLCID
CloseHandle
GetConsoleMode
SetHandleCount
SetEnvironmentVariableA
GetLocaleInfoA
LCMapStringA
InitializeCriticalSectionAndSpinCount
VirtualQuery
GetProcAddress
OpenWaitableTimerA
DeleteCriticalSection
GetCurrentThread
SetFilePointer
IsDebuggerPresent
GetCommandLineA
WriteConsoleA
GetFileType
FlushInstructionCache
WriteFile
LoadLibraryA
SetLastError
ExitProcess

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

477c76bcd3255c78eaa593929b57201e

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 9KB - Virtual size: 13KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 9KB - Virtual size: 13KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 11KB - Virtual size: 11KB