ac2e910308a6db91e1c06d081756e56b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac2e910308a6db91e1c06d081756e56b_JaffaCakes118
Size

425KB
MD5

ac2e910308a6db91e1c06d081756e56b
SHA1

2f849b760323ef94c3c06015f5645a599f223494
SHA256

953cc03cf18621cf9885a04809111a65719574c54992c0a9b618e057bd3647b0
SHA512

344587a24720d6357c667ca4cc72fe15901422e5d7f6e1e19b3ab674131b8e8cab7eaa6913c401bb8fe7b1ff5db3b5f739d777ebec95e82c0266c23a6edf83f3
SSDEEP

6144:h3RJgpYDBNArwbywj7c7cahlXEpRMVJvngfxxqyMRaOCJYucZUMO9ZVJKDy3wd:hBpDrIwNncgavXE+vngfxMyiaORe5KE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac2e910308a6db91e1c06d081756e56b_JaffaCakes118

Files

ac2e910308a6db91e1c06d081756e56b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7bf46c520d4fbe682c0335b8e20fa7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW
ChooseFontA

kernel32

GetAtomNameW
GetStartupInfoW
SetConsoleCtrlHandler
GetACP
TerminateProcess
WideCharToMultiByte
VirtualFree
EnterCriticalSection
GetStdHandle
GetProcAddress
ExitProcess
SetEnvironmentVariableA
LeaveCriticalSection
HeapAlloc
GetCurrentProcessId
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
Sleep
SetHandleCount
GetTimeZoneInformation
IsDebuggerPresent
TerminateThread
HeapDestroy
TlsFree
GetLocaleInfoA
InitializeCriticalSection
FreeEnvironmentStringsA
GetDateFormatA
FindFirstFileW
HeapReAlloc
EnumCalendarInfoExA
SetUnhandledExceptionFilter
GetCommandLineA
RtlUnwind
MoveFileExA
GetCommandLineW
CompareStringW
InterlockedExchange
TlsGetValue
QueryPerformanceCounter
HeapCreate
EnumResourceTypesW
GetEnvironmentStringsW
LCMapStringA
IsValidCodePage
GetTimeFormatA
VirtualQuery
LoadLibraryW
MultiByteToWideChar
GetModuleFileNameA
PulseEvent
VirtualAlloc
GetStringTypeA
FreeLibrary
GetCurrentThread
GetSystemDefaultLCID
GetModuleFileNameW
TlsAlloc
GetModuleHandleA
GetProcessHeap
DeleteCriticalSection
GetStartupInfoA
SetLastError
GetProfileStringA
HeapSize
GetLastError
TlsSetValue
GetLocaleInfoW
IsValidLocale
GetSystemTimeAsFileTime
GetEnvironmentStrings
InterlockedDecrement
GetCurrentProcess
LCMapStringW
GetVersionExA
GetTickCount
GetFileType
SetConsoleTextAttribute
GetCPInfo
LoadLibraryA
InterlockedIncrement
lstrcpynA
GetVersionExW
HeapFree
FreeEnvironmentStringsW
WriteFile
UnhandledExceptionFilter
CompareStringA
GetOEMCP
GetCurrentThreadId

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7bf46c520d4fbe682c0335b8e20fa7c

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 129KB - Virtual size: 128KB

.rdata Size: 8KB - Virtual size: 24KB

.data Size: 280KB - Virtual size: 279KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 129KB - Virtual size: 128KB

.rdata
Size: 8KB - Virtual size: 24KB

.data
Size: 280KB - Virtual size: 279KB

.rsrc
Size: 7KB - Virtual size: 6KB