bb0aaa3839c64423fa25d14cdaba6e6c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb0aaa3839c64423fa25d14cdaba6e6c_JaffaCakes118
Size

322KB
MD5

bb0aaa3839c64423fa25d14cdaba6e6c
SHA1

8f180d96cec8d9ef22ae2f1e73558ce415477029
SHA256

453b98ef943b0069b7da8d6dcda6ac617395f71c1064f7bae1bb462d56f59dad
SHA512

e3f0d202b35caf2c2f854e119281b91c2947dfbcee3503491c7d498845be8a8eb6fd4bbc0e15fb3a73812576799cdd978e3a705073c48fa202229c3c6c5d3af2
SSDEEP

6144:vSdgS2+Vidje7jxfUzailT9H1LSEKVzmf2QJyzKJaPtm/ZKzI2HSSPy3:v2GbdjGtfUlpQQZ6KJmVIGK3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb0aaa3839c64423fa25d14cdaba6e6c_JaffaCakes118

Files

bb0aaa3839c64423fa25d14cdaba6e6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33ad292239c06120c98120495e120766

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetACP
SetConsoleCP
GetStdHandle
GlobalLock
ReleaseMutex
GetWindowsDirectoryW
DeleteCriticalSection
InterlockedCompareExchange
GetCurrentProcessId
BeginUpdateResourceW
LeaveCriticalSection
GetEnvironmentStringsW
CreateEventW
GetOEMCP
GetStringTypeW
GlobalReAlloc
GetModuleHandleA
GetCommandLineA
LocalFree
GetStartupInfoA
GetSystemDefaultLangID
SetStdHandle
VirtualQuery
Sleep
ExitProcess
GetModuleFileNameW
TlsAlloc
FileTimeToLocalFileTime
GetTickCount
GetVersionExW
VirtualAlloc
GetSystemTimeAsFileTime
ResumeThread
DeleteFileA
SetLastError
ReadFile
IsProcessorFeaturePresent
LoadLibraryW
VirtualProtect
UnhandledExceptionFilter
WaitForSingleObject
GetFullPathNameW

user32

GetSystemMetrics
UnregisterClassA
DialogBoxParamW
GetForegroundWindow
UpdateWindow
PtInRect
CallWindowProcW
GetActiveWindow
RedrawWindow
OpenClipboard
LoadStringW
SendMessageW
GetDlgCtrlID
SetScrollInfo
IsChild
CharNextA

msvcrt

??2@YAPAXI@Z
__setusermatherr
_amsg_exit
_XcptFilter
_initterm
malloc

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33ad292239c06120c98120495e120766

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 255KB - Virtual size: 254KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 146B

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 255KB - Virtual size: 254KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 146B