aa8b96b1b95645b2f32eadadb4034813_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aa8b96b1b95645b2f32eadadb4034813_JaffaCakes118
Size

24KB
MD5

aa8b96b1b95645b2f32eadadb4034813
SHA1

b341dfa26028f51f61e38d4de2667c909b536156
SHA256

9d67688f3e7f4eee41ee08f32f526f3429db3b9ffc50a197569e02bc737deb64
SHA512

464a6970a418bdc67d93db289e9f4b466754f7e3a99b3e7f200da0a53d8b08f8bc92633f9a606bd7b8eb33ef19262c7a637b4f592ba1c0c6ec7accc85f975197
SSDEEP

384:P16dGhvB8sbKz1s4efKpbqUTYm3qQb7rlZ3SjXoIQ3MMAq6J7YfZqKgAk+fnTo:N6whp8JmjK3TY0bD3SboIgncKXfPTo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa8b96b1b95645b2f32eadadb4034813_JaffaCakes118

Files

aa8b96b1b95645b2f32eadadb4034813_JaffaCakes118
.exe windows:1 windows x86 arch:x86

22acc1d02747d1d076fa276852af536d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

iswlower
__setusermatherr
_XcptFilter
_exit
_amsg_exit
memcpy
_adjust_fdiv
_chkesp
_except_handler3
_scalb
_mbsspnp
__set_app_type
tanh
__p__commode
exit
__p__fmode
strspn
_cwait
_fsopen
_acmdln
__getmainargs
_getdrive
_getws
_wchdir
_initterm
_controlfp

gdi32

CreatePen
CreateCompatibleDC
CreateFontIndirectA

kernel32

GetDateFormatA
LoadLibraryW
GetFileTime
LockResource
HeapCreate
DeviceIoControl
VirtualFree
GetComputerNameW
HeapAlloc
PulseEvent
GlobalUnlock
SizeofResource
CreateEventA
TerminateThread
GetConsoleOutputCP
GetLastError
GetFileAttributesA
OpenProcess
FlushFileBuffers
GetProcessAffinityMask
ExitThread
GetFileType
IsValidCodePage
GetStartupInfoA
LCMapStringW
WideCharToMultiByte
RaiseException
WriteFile
GetConsoleCP
GetCommandLineW
CloseHandle
DeleteFileA
GetDriveTypeA
GetModuleHandleA
SetPriorityClass
WaitForMultipleObjects
GlobalAddAtomA
GetSystemTimeAsFileTime
CreateFileA
Module32First
GlobalLock
GetSystemInfo
SetFilePointer
TerminateProcess
SetProcessWorkingSetSize
FindClose
GlobalAlloc
VirtualProtect
InitializeCriticalSection

user32

RemoveMenu
CharNextExA
CallNextHookEx
GetWindow
GetMessageA
CharNextA
ChangeDisplaySettingsA
CharPrevA
CharLowerA
ChangeClipboardChain
GetWindowTextA
CascadeWindows
CallMsgFilterA
CharLowerBuffA
CharPrevExA

advapi32

GetSecurityDescriptorSacl

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rtuackm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22acc1d02747d1d076fa276852af536d

Headers

File Characteristics

Imports

msvcrt

gdi32

kernel32

user32

advapi32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 31KB

rtuackm Size: - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 31KB

rtuackm
Size: - Virtual size: 4KB