ab946ae42a5f1f15a40fce61d6490970_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ab946ae42a5f1f15a40fce61d6490970_JaffaCakes118
Size

593KB
MD5

ab946ae42a5f1f15a40fce61d6490970
SHA1

f5236df8cd3545c67bf1ae5112de2ec24d127a94
SHA256

6f204224f4a7c32e14d6fcea904c20a3ffcfe669a031869e6d47350ff0eb3f2a
SHA512

9e6348c1081682b7a57fa702ae0e9d261130a6ea6b2279335eeb9aca2336ce9bd53231809126df21bb0e231552b8061be2882263758b76e7c71fb4306a966219
SSDEEP

12288:CdpfvW+3kmaf+RBwILVosTh2D7B+VoZHGjguMPZhQGb4YQn4z1gsUmek/:CddW+3km4eyILVosN2D7ksmEuMPW4CsH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab946ae42a5f1f15a40fce61d6490970_JaffaCakes118

Files

ab946ae42a5f1f15a40fce61d6490970_JaffaCakes118
.exe windows:4 windows x86 arch:x86

162505a4ee78c48dc64ebe5f92799d9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetConsoleCP
GetModuleFileNameW
GetTimeZoneInformation
ReadFile
GetLocaleInfoW
WriteConsoleW
AllocConsole
GetCurrentThreadId
VirtualAlloc
GetCurrentProcess
MultiByteToWideChar
GetSystemDefaultLangID
EnumSystemLocalesW
GetUserDefaultLCID
GetConsoleMode
GetFileType
GetStartupInfoW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
HeapDestroy
ReleaseSemaphore
RtlUnwind
SetFileAttributesA
GetProfileIntW
GetStringTypeA
HeapReAlloc
EnterCriticalSection
HeapSize
Sleep
LoadLibraryA
GetProcAddress
CreateMutexA
SetStdHandle
GetStringTypeW
GetDateFormatA
SetConsoleWindowInfo
HeapCreate
CompareStringW
SetFilePointer
SetHandleCount
LCMapStringA
ReleaseMutex
FreeLibrary
RtlZeroMemory
GetCurrentThread
QueryPerformanceCounter
CreateFileA
GetModuleHandleW
DeleteCriticalSection
GetStdHandle
GetModuleFileNameA
OpenMutexA
GetModuleHandleA
EnumSystemLocalesA
LCMapStringW
HeapFree
WideCharToMultiByte
GetLocaleInfoA
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
GetCommandLineW
CloseHandle
GetCPInfo
SetConsoleMode
SetWaitableTimer
TryEnterCriticalSection
GetCurrentProcessId
VirtualFree
GetLastError
InterlockedIncrement
GetAtomNameA
GetConsoleOutputCP
GetCommandLineA
SetLocaleInfoA
SetEnvironmentVariableA
GetEnvironmentStringsW
FlushFileBuffers
IsDebuggerPresent
WriteConsoleA
CompareStringA
TerminateProcess
InterlockedDecrement
GetProfileSectionA
TlsFree
VirtualQuery
SetLastError
UnhandledExceptionFilter
WriteProfileSectionA
GetOEMCP
GetTimeFormatA
lstrcatW
ExitProcess
WritePrivateProfileStringA
GetStartupInfoA
GetWindowsDirectoryA
GetACP
TlsSetValue
LoadLibraryExW
WriteFile
IsValidLocale
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
CompareFileTime
GetCompressedFileSizeA
TlsAlloc
CreateThread
HeapAlloc
TlsGetValue
IsValidCodePage

user32

NotifyWinEvent
SetDlgItemTextW
RegisterClassExA
RegisterHotKey
DdeDisconnect
EnumPropsW
DrawFocusRect
CreateDialogParamA
RegisterClassA
SetWindowContextHelpId
CloseWindowStation
EndDeferWindowPos
GetClipCursor

shell32

CommandLineToArgvW

Sections

.text
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

162505a4ee78c48dc64ebe5f92799d9b

Headers

File Characteristics

Imports

comctl32

kernel32

user32

shell32

Sections

.text Size: 254KB - Virtual size: 254KB

.rdata Size: 10KB - Virtual size: 32KB

.data Size: 318KB - Virtual size: 318KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 254KB - Virtual size: 254KB

.rdata
Size: 10KB - Virtual size: 32KB

.data
Size: 318KB - Virtual size: 318KB

.rsrc
Size: 9KB - Virtual size: 9KB