aa714f70a9e9e8f483c13df76be06128_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aa714f70a9e9e8f483c13df76be06128_JaffaCakes118
Size

193KB
MD5

aa714f70a9e9e8f483c13df76be06128
SHA1

818b2e7b8569302fbbd584a30e047939bcc1d757
SHA256

cdefac2cc2c4c96ca303a45de622949a43d99118080588ece0ddcd869c58e36b
SHA512

dd6f1162c354c7d2773fc6e299489cb97df2edccfdfa10f5105c1e670ae9358146fdff44edd7e51bb8f79a5c27473e7bd716dc251e3e7ca6ddc993040cd2a9f9
SSDEEP

3072:G0o9hWuRHiBzdDAHaDWvt+WDtEs9OqkSggYMdQlB9v6BKnhS/OdOFIpgdxpH8:CWUiBhDCSW1+Wh9LkvMy9iYhldOipAX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa714f70a9e9e8f483c13df76be06128_JaffaCakes118

Files

aa714f70a9e9e8f483c13df76be06128_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e52d3d3dff3aa3a292d905cc5d0228e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cccccc\cccxxx\xccvcvfg\fg\f\hg\hg\f\hg\h\gfghg\gf\g\h\gf

Imports

kernel32

GetCPInfo
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
CreateDirectoryA
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualProtect
VirtualAlloc
GetCurrentThreadId
GetCommandLineA
GetModuleHandleA
MoveFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
HeapSize
SetFilePointer
VirtualQuery
InterlockedExchange
RtlUnwind
GetOEMCP
GetACP
LoadLibraryA
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
LocalFree
LocalAlloc
GetVersion
GetTempFileNameA
GetFileAttributesA
CreateThread
MoveFileW
RemoveDirectoryW
InterlockedIncrement
InterlockedCompareExchange
CopyFileA
DeleteFileA
FindFirstChangeNotificationA
GetCurrentProcessId
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetVersionExA
HeapFree
GetLastError
CloseHandle
ExitProcess
GetProcAddress
GetSystemInfo

user32

SetParent
SetCursor
IntersectRect
InsertMenuItemA
ClientToScreen
InflateRect
GetWindowThreadProcessId
LoadBitmapA
GetIconInfo
DrawEdge
IsDlgButtonChecked
DrawIconEx
AppendMenuA
CreatePopupMenu
DrawFrameControl
FillRect
IsDialogMessageW
PostMessageA
CreateDialogIndirectParamA
DialogBoxIndirectParamA
SetWindowLongA
GetWindowRect
GetSystemMetrics
GetForegroundWindow
GetClientRect
SendMessageW
PostMessageW
DispatchMessageA

gdi32

GetObjectA
SelectClipRgn
CreateRectRgn
GetPixel
PtVisible
CreateFontA
GetStockObject
DPtoLP
CreateDCA
CreatePen
DeleteObject
DeleteDC
SetMapMode

ole32

OleInitialize
CoRegisterSurrogate
CoRegisterClassObject
CoCreateInstance
CoInitialize
CoUninitialize
OleUninitialize

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e52d3d3dff3aa3a292d905cc5d0228e

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ole32

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 85KB - Virtual size: 106KB

.rsrc Size: 1024B - Virtual size: 720B

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 85KB - Virtual size: 106KB

.rsrc
Size: 1024B - Virtual size: 720B