ba6234084d698b64eaa65baf31040d9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba6234084d698b64eaa65baf31040d9d_JaffaCakes118
Size

509KB
MD5

ba6234084d698b64eaa65baf31040d9d
SHA1

626cc872cb8067dd423139da87e78de0a2650193
SHA256

d98ca1a86c5bc5ae4bf939fb0dba7c0bc7eb62f667461777880b06185cff86f1
SHA512

2fecf6d6f975029ae7f7702ba240b7d7ed0637d12270151c79f248783333f6fb8509a62a0bf3bd9156df40ca8c05c79ba9bc3ec846dfbd60bec4e2371d06bf4b
SSDEEP

12288:uzaQiodPa0ykeHRaqL153JMHEkB3qCHkTieW9hwlEl:sPa0JG9L1zOlaYkOL9Nl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba6234084d698b64eaa65baf31040d9d_JaffaCakes118

Files

ba6234084d698b64eaa65baf31040d9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

552e00413fa31a3d7a9f8b448cabde49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
GetUserObjectSecurity
RegisterClassExA

kernel32

GetModuleFileNameA
GetModuleHandleW
GetTimeFormatW
EnumDateFormatsA
RtlMoveMemory
GetNumberFormatW
Sleep
CloseHandle
SetUnhandledExceptionFilter
WideCharToMultiByte
LoadLibraryA
InterlockedDecrement
GetTempPathW
VirtualFree
ReadFile
FlushViewOfFile
RtlUnwind
OpenMutexA
WaitNamedPipeA
GetFileType
QueryPerformanceCounter
ReadConsoleInputW
GetSystemTimeAsFileTime
GetStringTypeW
GetTickCount
GetCurrentProcess
GetTimeFormatA
SetConsoleCtrlHandler
SetStdHandle
GetACP
CreateSemaphoreA
TlsAlloc
GetLastError
WriteFile
LCMapStringW
lstrcpyA
GetCurrentProcessId
HeapReAlloc
GetFileAttributesExA
GetFileAttributesExW
SetFilePointer
IsValidCodePage
GetCommandLineA
VirtualQuery
HeapAlloc
GetStdHandle
InterlockedExchange
CreateNamedPipeA
MultiByteToWideChar
DeleteCriticalSection
GetLocaleInfoW
EnumSystemLocalesA
GetConsoleMode
GetTimeZoneInformation
GetStringTypeA
GetLocaleInfoA
TlsGetValue
TerminateProcess
IsValidLocale
UnhandledExceptionFilter
CompareStringA
SetConsoleMode
FreeLibrary
GetModuleFileNameW
GetDateFormatA
GetUserDefaultLCID
LCMapStringA
GetCPInfo
HeapFree
VirtualAlloc
IsDebuggerPresent
GetCurrentThreadId
SetLastError
GetStartupInfoA
GetStartupInfoW
SetHandleCount
HeapSize
HeapCreate
GetEnvironmentStringsW
FlushFileBuffers
GetProcessAffinityMask
WriteConsoleA
GetSystemTimeAdjustment
CreateEventW
SetThreadAffinityMask
TlsFree
InitializeCriticalSectionAndSpinCount
GetOEMCP
GetCommandLineW
FreeEnvironmentStringsW
GetConsoleOutputCP
CreateFileA
GetProcAddress
GetCurrentThread
GetModuleHandleA
CreateMutexA
ExitProcess
TlsSetValue
WriteConsoleW
CompareStringW
InterlockedIncrement
EnterCriticalSection
SetEnvironmentVariableA
GetConsoleCP
LeaveCriticalSection
HeapDestroy

comctl32

InitCommonControlsEx

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

552e00413fa31a3d7a9f8b448cabde49

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 9KB - Virtual size: 33KB

.data Size: 316KB - Virtual size: 316KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 9KB - Virtual size: 33KB

.data
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 7KB - Virtual size: 7KB