ab77b22655c18c6ff127d9e675d25e6b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab77b22655c18c6ff127d9e675d25e6b_JaffaCakes118
Size

513KB
MD5

ab77b22655c18c6ff127d9e675d25e6b
SHA1

cdeb10e326ad9736fb8f650453f9641d9f16cb45
SHA256

0c94af50b9b3f20eb7e4940eb5ed0539cfeed39e290868738039b1bf3ccef66b
SHA512

23ee7619fef7316da3827d1e376a2fc289606891023af72b7cb658bc382ffbb6439b59fda957532b657edebd865eddfa0cebb49bbd728093525e6f4102a3a6ff
SSDEEP

12288:0VNKAZMtWFXgzn7XJrWi7kixZFbmvXDRyhHr:0VQAC6Xgz7Z7PZFbmbohL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab77b22655c18c6ff127d9e675d25e6b_JaffaCakes118

Files

ab77b22655c18c6ff127d9e675d25e6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95572cf7c775b7d0d45d41b09853234b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClipboardSequenceNumber
KillTimer
GetClassNameA
RegisterClassExA
GetDlgItem
ExcludeUpdateRgn
GetWindowModuleFileNameA
DestroyIcon
GetNextDlgTabItem
RegisterClipboardFormatW
OpenDesktopA
GetDlgItemTextA
TrackPopupMenuEx
SetForegroundWindow
LoadStringA
RegisterClassA
IsCharAlphaA
CreateMenu
SetUserObjectInformationA
GetWindowLongA
DragObject
DrawCaption
GetCursorPos
DdeCreateStringHandleA
ScrollWindowEx
GetUpdateRgn

gdi32

GetPixelFormat
SetArcDirection
GetTextFaceW

comctl32

InitCommonControlsEx

kernel32

SetFilePointer
GetTimeZoneInformation
GetConsoleCP
GetModuleFileNameW
CloseHandle
CreateFileA
GetLastError
GetCommandLineA
GetNamedPipeHandleStateA
GetCurrentProcess
InterlockedIncrement
GetEnvironmentStringsW
HeapDestroy
TlsFree
TlsSetValue
HeapFree
FreeEnvironmentStringsW
VirtualQuery
SetEnvironmentVariableA
WriteConsoleA
WriteFile
DebugBreak
CompareStringW
TerminateProcess
WritePrivateProfileStringA
GetModuleHandleW
FileTimeToDosDateTime
GetCurrentProcessId
GetProcessAffinityMask
VirtualAlloc
GetACP
WideCharToMultiByte
FlushFileBuffers
EnterCriticalSection
FreeLibrary
GetStartupInfoA
LCMapStringW
EnumSystemLocalesA
LeaveCriticalSection
IsValidCodePage
GetModuleHandleA
HeapAlloc
SetHandleCount
GetLocaleInfoA
RtlUnwind
IsValidLocale
IsDebuggerPresent
HeapCreate
GetSystemTimeAsFileTime
GetProcAddress
ReadFile
HeapReAlloc
TlsGetValue
InterlockedExchange
InterlockedDecrement
GetDateFormatA
SetStdHandle
GetLocaleInfoW
SetConsoleCtrlHandler
GetStringTypeA
GetStartupInfoW
LoadLibraryA
GetUserDefaultLCID
UnhandledExceptionFilter
OpenMutexA
LCMapStringA
VirtualFree
GlobalDeleteAtom
WriteConsoleW
GetStringTypeW
MoveFileExA
HeapSize
GetStdHandle
SetUnhandledExceptionFilter
GetConsoleMode
GetFileType
SetLastError
ExitProcess
CreateMutexA
GetTickCount
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetCPInfo
QueryPerformanceCounter
GetCurrentThread
lstrcatW
GetTimeFormatA
CompareStringA
DeleteCriticalSection
GetCurrentThreadId
MultiByteToWideChar
Sleep
GetModuleFileNameA
GetCommandLineW
GetOEMCP
GetConsoleOutputCP

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95572cf7c775b7d0d45d41b09853234b

Headers

File Characteristics

Imports

user32

gdi32

comctl32

kernel32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 10KB - Virtual size: 19KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 10KB - Virtual size: 19KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 5KB - Virtual size: 4KB