b47c6a2682c9813e8f4a548e2faa6e85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b47c6a2682c9813e8f4a548e2faa6e85_JaffaCakes118
Size

72KB
MD5

b47c6a2682c9813e8f4a548e2faa6e85
SHA1

5ada599c052d764d4daa45d7e62c0d316b29cbe6
SHA256

bae036ada6551724523b16dab085b5ac8716fa20d9591e5e19e9d260c0205052
SHA512

131511bdbd762bf7e45ff883b8a1c93ccbe100d7db88217afd4dde02a1eb12be037fe0e92e7b51688bd092576ed4a6fdc65dabc8ddd42684a350106d699bc582
SSDEEP

1536:J/9xC/vxK/vWOxS/Mxvn/UW6xh/Gx5UU7BKnDMN5gYML:J/9xC/vxK/vWOxS/MxP/UW6xh/Gx5UUg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b47c6a2682c9813e8f4a548e2faa6e85_JaffaCakes118

Files

b47c6a2682c9813e8f4a548e2faa6e85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b03d2413fefb9ba2dca26394c4a0d032

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetStartupInfoA
GetModuleHandleA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
VirtualAlloc
HeapAlloc
HeapFree
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
ReleaseMutex
GetEnvironmentStrings
Sleep
GetVersionExA
OpenMutexA
GetTickCount
CreateMutexA
CreateFileA
DeviceIoControl
GetACP
FreeEnvironmentStringsW
TerminateProcess
GetCommandLineA
GetVersion
GetProcAddress
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar

user32

MessageBoxA
DispatchMessageA
TranslateMessage
GetMessageA
PostMessageA
UpdateWindow
ShowWindow
CreateWindowExA
GetSystemMetrics
RegisterClassExA
ShowCursor
PostQuitMessage
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
DestroyWindow
SendMessageA
DefWindowProcA
LoadIconA
LoadCursorA

gdi32

SetPixel
DeleteObject
MoveToEx
CreatePen
SelectObject
GetStockObject
LineTo
GetTextExtentPoint32A
TextOutA
GetTextMetricsA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1011B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b03d2413fefb9ba2dca26394c4a0d032

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 1024B - Virtual size: 1011B

.data Size: 11KB - Virtual size: 14KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 1024B - Virtual size: 1011B

.data
Size: 11KB - Virtual size: 14KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 4KB