bb7d13c2ce95e396f36d8d387c20e128_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb7d13c2ce95e396f36d8d387c20e128_JaffaCakes118
Size

421KB
MD5

bb7d13c2ce95e396f36d8d387c20e128
SHA1

493341145db85465753b30bbe9f0253f86bbd4f4
SHA256

8730c8a0bf6f98b507d11a84f8e6459b364d8b1f845998042c007cc142f092d8
SHA512

ef1cd5fe74334de31a6949c47314141c6772b6c51a9ab9dc0a466ad93539c7f831c0939c78052e1a6118a95306ffca3c6619b612a2cdb36e21bc6d10bcd19ac0
SSDEEP

6144:RraLVg5qWkp8wf5huJxT+lLF4rGCQFbcOnVQRdINZluY8:daJg1wj4xTblqVQR0l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb7d13c2ce95e396f36d8d387c20e128_JaffaCakes118

Files

bb7d13c2ce95e396f36d8d387c20e128_JaffaCakes118
.exe windows:4 windows x86 arch:x86

216975dee5a763a4c4d173d6e6ae424f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
OpenFileMappingA
GetModuleHandleA
GetStringTypeW
IsValidCodePage
WriteFile
GetCommandLineA
GetLocaleInfoA
RtlUnwind
SetFilePointer
FlushViewOfFile
Sleep
GetCurrentProcess
InterlockedExchange
MultiByteToWideChar
IsDebuggerPresent
WriteConsoleW
SetConsoleCtrlHandler
SetConsoleActiveScreenBuffer
FreeEnvironmentStringsW
InterlockedIncrement
LeaveCriticalSection
FreeLibrary
GetModuleFileNameA
GetCurrentThread
WriteConsoleA
GetEnvironmentStringsW
LoadLibraryA
UnhandledExceptionFilter
QueryPerformanceCounter
GetPrivateProfileIntA
GetOEMCP
EnterCriticalSection
GetConsoleCP
FreeEnvironmentStringsA
HeapAlloc
VirtualAlloc
ReadFile
CreateEventA
CompareStringA
CloseHandle
SetConsoleTitleW
GetEnvironmentStrings
EnumSystemLocalesA
WideCharToMultiByte
AddAtomW
GetConsoleMode
GetConsoleTitleA
OpenMutexA
VirtualFree
EnumSystemLocalesW
GetLastError
GetDateFormatA
FlushFileBuffers
GetTimeFormatA
LoadLibraryExA
InterlockedDecrement
IsValidLocale
GetFileType
InitializeCriticalSection
GetSystemTimeAsFileTime
CreateProcessW
TlsFree
GetCurrentThreadId
GetConsoleOutputCP
SetHandleCount
HeapReAlloc
TlsGetValue
HeapFree
SetEnvironmentVariableA
RemoveDirectoryA
CreateFileA
GetCPInfo
GetACP
CreateMutexA
TerminateProcess
GetStringTypeA
SetUnhandledExceptionFilter
SuspendThread
TlsAlloc
SetLastError
CompareStringW
GetTimeZoneInformation
VirtualLock
GetTickCount
DeleteCriticalSection
HeapSize
TlsSetValue
ExitProcess
GetStringTypeExA
GetLocaleInfoW
GetStartupInfoA
WriteConsoleOutputCharacterA
FindAtomA
SetStdHandle
LoadModule
GetUserDefaultLCID
LCMapStringA
GetStdHandle
GetProcessHeap
LCMapStringW
GetProcAddress
HeapDestroy
lstrcmpW
VirtualQuery
GetVersionExA
GetCurrentProcessId
ReadConsoleW
LockResource

comdlg32

ChooseFontW
GetFileTitleA
LoadAlterBitmap

user32

GetIconInfo
LoadCursorW
SendIMEMessageExW
CreateDialogIndirectParamW
EnumPropsExA
SetWindowsHookExW
RegisterClassA
WINNLSGetIMEHotkey
WindowFromPoint
BroadcastSystemMessageA
SetShellWindow
FreeDDElParam
GetWindowPlacement
EnumDisplayMonitors
RegisterClassExA
MessageBoxIndirectA

comctl32

InitCommonControlsEx

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

216975dee5a763a4c4d173d6e6ae424f

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

comctl32

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 10KB - Virtual size: 17KB

.data Size: 211KB - Virtual size: 211KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 10KB - Virtual size: 17KB

.data
Size: 211KB - Virtual size: 211KB

.rsrc
Size: 5KB - Virtual size: 4KB