b7d12a87500a50dcc2cf1e7a2a7ef93b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7d12a87500a50dcc2cf1e7a2a7ef93b_JaffaCakes118
Size

1.3MB
MD5

b7d12a87500a50dcc2cf1e7a2a7ef93b
SHA1

fdf2049b92ab8a29bea1427c699f7c84fb8743d4
SHA256

bc8f588263f32cb5a27430317a59673b90de64b0456d760caa26fa5b2f0b4b8a
SHA512

06576763b56bae892fd26417c87abc2b10a4ae14e6d71e4e6705482d950ba4d3d68485da33df4ed948ed2a36b974bfa9815e89ad8495181964c0644b3f740651
SSDEEP

24576:tkYibKRAQLuPoVoG3JXsMSrbehowTui/SedqBEY6cFcx+Jcj/NXv74Xy139udzld:OYibKRAQLuPgoGZX3S3ehowTn/SedqaC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7d12a87500a50dcc2cf1e7a2a7ef93b_JaffaCakes118

Files

b7d12a87500a50dcc2cf1e7a2a7ef93b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ada1a256a8d48535d11363bd550f7660

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetCurrentThreadId
IsDBCSLeadByte
LCMapStringA
DisableThreadLibraryCalls
TlsAlloc
LocalFree
GetFileSize
GetStartupInfoA
lstrcmpiA
ExitProcess
SetFileAttributesA
FlushFileBuffers
TlsSetValue
GetCurrentDirectoryA
InitializeCriticalSection
GetCommandLineW
GetConsoleMode
MulDiv
QueryPerformanceCounter
CreateFileW
SetUnhandledExceptionFilter
OutputDebugStringW
MultiByteToWideChar
GetCurrentProcessId
FindResourceA
LoadLibraryExA
GetModuleFileNameW
GetDriveTypeW
HeapSize
LCMapStringW
GetProcAddress
InterlockedIncrement
IsBadWritePtr
InterlockedDecrement
SetConsoleCtrlHandler
FileTimeToSystemTime
GlobalAlloc
GetEnvironmentStrings
GetCurrentProcess
CreateMutexW
VirtualFree
TlsFree
FlushInstructionCache
VirtualAlloc
GetFullPathNameW
LoadLibraryA
GetSystemTimeAsFileTime
SetLastError
DeleteCriticalSection
GetCommandLineA
IsDebuggerPresent
WriteConsoleA
GetVersionExA
SetStdHandle
GetProcessHeap
GetLastError
LeaveCriticalSection
LoadResource
GlobalFree
VirtualProtect
lstrlenW
HeapAlloc
InterlockedCompareExchange
CloseHandle
TerminateProcess
GetFileType
GlobalUnlock
GetFullPathNameA
ReleaseMutex
Sleep
HeapFree
GetModuleHandleA
OutputDebugStringA
UnhandledExceptionFilter
HeapReAlloc
GetDriveTypeA
lstrcpyA
FreeLibrary
GetDateFormatW
FreeEnvironmentStringsA
CreateDirectoryA
EnterCriticalSection
TlsGetValue
DeleteFileA
FileTimeToLocalFileTime
GetModuleHandleW
lstrcmpiW
QueryPerformanceFrequency
OpenMutexA
lstrcpynA
RaiseException
CreateFileA

user32

wsprintfA
CheckMenuItem
FindWindowA
GetMessageTime
DestroyWindow
GetWindowLongW
GetParent
DestroyMenu
GetWindow
EndDialog
GetPropW
GetMessageA
IntersectRect
IsWindowEnabled
GetDC
CreateWindowExW
SetTimer
DefWindowProcW
InvalidateRect
UnhookWindowsHookEx
RegisterClassW
EndPaint
IsWindowVisible
EqualRect
GetMessagePos
CopyRect
IsWindow
TranslateMessage
SetRect
IsDlgButtonChecked
GetClassNameA
ReleaseDC
UpdateWindow

msvcrt

iswspace
_CxxThrowException
strchr
_errno
_fileno
_amsg_exit
realloc
__p__commode
__dllonexit
_initterm
_XcptFilter
memset
??0exception@@QAE@ABV0@@Z
_wcsicmp

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ada1a256a8d48535d11363bd550f7660

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 269KB - Virtual size: 6.8MB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 269KB - Virtual size: 6.8MB

.rsrc
Size: 14KB - Virtual size: 14KB