b1d541a8acc70638d7de1d4df32ba33e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1d541a8acc70638d7de1d4df32ba33e_JaffaCakes118
Size

544KB
MD5

b1d541a8acc70638d7de1d4df32ba33e
SHA1

b45659cb1345086b297923e7d3bab1b05c967803
SHA256

5b4172fd5dc568d231b370733e25124e6874afbc3b09ab8ac8b131ef7d64cfa5
SHA512

c22f2e1936cb1f6c2e95bbeb56d1ab0c5c056cb8ccd00e31fcbb2ad715d251a8e8e996c491ce82452d9ecd5d792c60878ab0ff7a3afb8c9af963484037f20fd4
SSDEEP

12288:CO4RgmR/w13WcuNbZcIXne6flG1PmrWdPYKMRcyV2uwda6K:xDhsnHfM1+Ug7RcytXd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1d541a8acc70638d7de1d4df32ba33e_JaffaCakes118

Files

b1d541a8acc70638d7de1d4df32ba33e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ff801e4afde599b75141dccd57ad629

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
FindResourceA
Sleep
WriteFile
HeapCreate
GetACP
CloseHandle
ReadFile
GetModuleHandleA
MapViewOfFile
RaiseException
GetCommandLineA
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalUnlock
GetConsoleCP
GlobalFree
GetSystemInfo
LCMapStringW
GetLastError
LeaveCriticalSection
TlsSetValue
GetFileType
CompareStringA
GetProcessHeap
GetProcAddress
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
VirtualProtect
GetTickCount
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
SetHandleCount
GetSystemTime
EnterCriticalSection
HeapFree
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
WriteConsoleA
CreateFileA
SetFilePointer
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
ExitProcess
GetModuleFileNameW
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
LocalFree
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsW
GetConsoleMode
GetCurrentProcess
GetLocalTime
WaitForSingleObject
GetConsoleOutputCP
GetStdHandle
HeapAlloc
GetVersion
TerminateProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
TlsAlloc
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualFree
RtlUnwind
GetCPInfo
GetStringTypeA
LCMapStringA

user32

SetForegroundWindow
GetDesktopWindow
LoadIconA
ScreenToClient
SetWindowTextA
SetWindowLongA
PostMessageA
GetWindowRect
KillTimer
GetWindowLongA
LoadStringA
ShowWindow
GetParent
GetMessageA
PtInRect
GetClientRect
GetDC

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ff801e4afde599b75141dccd57ad629

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 488KB - Virtual size: 488KB

.rsrc Size: 4KB - Virtual size: 664B

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 488KB - Virtual size: 488KB

.rsrc
Size: 4KB - Virtual size: 664B