Static task
static1
Behavioral task
behavioral1
Sample
ac743902988496befda0df4ee0518b00_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
ac743902988496befda0df4ee0518b00_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ac743902988496befda0df4ee0518b00_JaffaCakes118
Size
632KB
MD5
ac743902988496befda0df4ee0518b00
SHA1
0f53f8ab94e1ea6b9ea5cd7e47d54ba0402e085e
SHA256
3d36a01cc28e556ab5744a889a407a997ccfea5641b3023b63b156ab691c7d21
SHA512
d3abbe6fb38c9b1c113e11ffaf903ee85a75dc53dd7b78ae680731c682e2d4934e4fbf47b6bbb2c880954529cc11d76eaee61df006d155ecadf68acd07859280
SSDEEP
12288:BV5Ml8Z9AbuiQKyRGyxMizjrmxE1BQDF1mGDAVxuKbAkZycuQx507GLRVrLa:BVWLRmIszPPPQDitDFbAkce07mzq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac743902988496befda0df4ee0518b00_JaffaCakes118
Files
ac743902988496befda0df4ee0518b00_JaffaCakes118.exe windows:5 windows x86 arch:x86
2fb48924a7959cdcf1ef5c5db61ca02a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFile
SetFilePointer
RaiseException
HeapSize
GetCurrentDirectoryA
LockResource
GetCurrentProcessId
GetEnvironmentStrings
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
GetConsoleCP
GlobalFree
GetSystemInfo
LCMapStringW
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
CreateEventA
CreateFileW
CreateEventW
FindNextFileA
CreateFileMappingA
CompareStringA
FindFirstFileA
lstrcmpA
GetProcAddress
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
GetTickCount
QueryPerformanceCounter
SetEvent
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
CloseHandle
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
SetStdHandle
WriteFile
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapDestroy
WaitForSingleObject
FileTimeToSystemTime
GetStdHandle
GetCommandLineA
GetVersion
GetFileType
TlsAlloc
TlsGetValue
GetLastError
HeapCreate
RtlUnwind
GetCPInfo
LCMapStringA
GetACP
GetModuleHandleW
CreateProcessA
IsValidCodePage
UnmapViewOfFile
VirtualFree
Sleep
FindResourceA
GetModuleFileNameA
VirtualAlloc
user32
BeginPaint
SetFocus
EndPaint
IsWindowEnabled
ShowWindow
DestroyWindow
ReleaseDC
SetWindowPos
PostQuitMessage
MapWindowPoints
SetWindowTextA
wsprintfA
TrackPopupMenu
IsWindowVisible
InvalidateRect
SendMessageA
GetClientRect
EnableWindow
SetCursor
GetSystemMetrics
gdi32
SelectObject
SetTextColor
GetStockObject
DeleteDC
GetDeviceCaps
DeleteObject
SetBkMode
SetBkColor
CreateSolidBrush
Sections
.text Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 584KB - Virtual size: 582KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 760B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ