b52c069fecabbf9a0efbb8b113de3de9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b52c069fecabbf9a0efbb8b113de3de9_JaffaCakes118
Size

501KB
MD5

b52c069fecabbf9a0efbb8b113de3de9
SHA1

eb387bcc9396e1b60db8abf71784231d48222908
SHA256

ac1443fd5e58d76e3639aeb553697adfab914805f0b29814895d13ff8cdbbe59
SHA512

dc89c65ae51d3b8875950fe9becac6fcc56d8bcb94b21f7b523b7c17b253fbaff0e490750e4d8cd9738ecf1640bd3b3f385b4b6f93b6ab3ac32d7169d61132ed
SSDEEP

12288:1ya8JLTsjS3kHwTGtuX4beFDttGaerQknkSpIkVl5N5ZHNY+i2U:gaQse3pTGnqPszVlZZHrr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b52c069fecabbf9a0efbb8b113de3de9_JaffaCakes118

Files

b52c069fecabbf9a0efbb8b113de3de9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e6dc086d4b8197ab157fb27a21a6674

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA
ReplaceTextA
GetOpenFileNameA
ChooseFontW

comctl32

InitCommonControlsEx

user32

OpenDesktopW
CreateIconIndirect
OpenInputDesktop
PostThreadMessageW
ChangeClipboardChain
AnimateWindow
RegisterClassA
RegisterClassExA
LoadStringW
PostThreadMessageA
LoadAcceleratorsA

kernel32

SetStdHandle
GetStartupInfoA
GetFileType
GetLocaleInfoA
WriteFile
FreeEnvironmentStringsA
IsValidCodePage
FreeEnvironmentStringsW
GetTimeZoneInformation
TerminateProcess
IsBadWritePtr
LoadLibraryA
TlsAlloc
GetVersionExA
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetTimeFormatA
GetOEMCP
GetModuleFileNameA
ReadFile
GetLocaleInfoW
HeapAlloc
GetSystemInfo
MultiByteToWideChar
DeleteFileW
CompareStringA
WideCharToMultiByte
GetTickCount
VirtualProtect
EnterCriticalSection
VirtualAlloc
GetUserDefaultLCID
GetCurrentThreadId
GetDateFormatA
HeapReAlloc
TlsGetValue
GetEnvironmentStrings
LCMapStringW
CreateMutexA
HeapSize
GetStdHandle
QueryPerformanceCounter
UnhandledExceptionFilter
SetEnvironmentVariableA
InterlockedExchange
CloseHandle
MoveFileExA
GetStringTypeW
TlsSetValue
DeleteCriticalSection
GetCurrentThread
SetHandleCount
OpenMutexA
EnumSystemLocalesA
GetCommandLineA
GetCurrentProcess
InitializeCriticalSection
SetLastError
IsValidLocale
GetModuleHandleA
SetFilePointer
HeapDestroy
GetCPInfo
GetACP
HeapCreate
ExitProcess
LCMapStringA
CompareStringW
FindAtomW
FlushFileBuffers
RtlUnwind
LeaveCriticalSection
GetStringTypeA
TlsFree
CreateMailslotW
HeapFree
VirtualQuery
VirtualFree
GetLastError
GetProcAddress
GetCurrentProcessId

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e6dc086d4b8197ab157fb27a21a6674

Headers

File Characteristics

Imports

comdlg32

comctl32

user32

kernel32

Sections

.text Size: 360KB - Virtual size: 359KB

.rdata Size: 19KB - Virtual size: 37KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 360KB - Virtual size: 359KB

.rdata
Size: 19KB - Virtual size: 37KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 15KB - Virtual size: 14KB