bc4c74679b1d6f4c74de939e53f4fac6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bc4c74679b1d6f4c74de939e53f4fac6_JaffaCakes118
Size

474KB
MD5

bc4c74679b1d6f4c74de939e53f4fac6
SHA1

accc1cb46cb5ba4890133b2a97d1710a1e7ac60b
SHA256

bba799b98c71c7ae1aa3a93a0151a7f9a7856d9f25b9c45362a66340f9acd82e
SHA512

21dea4708d9c96483f8179a2a11ce2dc08c3df6fa4d3570166ded7823e65f1e1228adeb298c3edc60690d3ace50170b541f3f74bf81413298a1361a7cfbb3b62
SSDEEP

6144:YhJq3PhnnCQzptYKI1tLtcxkr5ooJWHoXkHfFad6WnfI6yL8PEyNQ:YG5n5zzut0kGoUHoUtadfnfXyLMEuQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc4c74679b1d6f4c74de939e53f4fac6_JaffaCakes118

Files

bc4c74679b1d6f4c74de939e53f4fac6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29978e2ca9d01560630656e6818bee99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
SetEndOfFile
GetUserDefaultLCID
GetTickCount
DeleteCriticalSection
InterlockedExchange
VirtualProtect
SetStdHandle
GetTimeFormatA
SetEnvironmentVariableA
GetDateFormatA
TlsSetValue
GetCommandLineA
GetLocaleInfoA
GetLocaleInfoW
MultiByteToWideChar
TlsFree
FreeEnvironmentStringsA
SetComputerNameA
ReadFile
lstrcpynA
TlsAlloc
GetStartupInfoA
EnterCriticalSection
CompareStringA
GetStringTypeA
ReadConsoleOutputAttribute
GetStdHandle
LoadLibraryA
EnumSystemLocalesA
HeapSize
GetCurrentThreadId
FlushFileBuffers
ExitProcess
QueryPerformanceCounter
HeapReAlloc
GetCurrentThread
GetStringTypeW
GetCurrentProcess
GetFileType
SetFilePointer
GetEnvironmentStringsW
HeapAlloc
GetSystemInfo
LeaveCriticalSection
GetCPInfo
RtlUnwind
LCMapStringW
GetACP
HeapFree
GetTempPathW
OpenMutexA
GetProcAddress
InitializeCriticalSection
GetOEMCP
SetCurrentDirectoryW
CreateWaitableTimerW
GetModuleHandleA
FreeEnvironmentStringsW
VirtualQuery
GetEnvironmentStrings
CloseHandle
IsValidCodePage
GetCurrentProcessId
GetLastError
UnhandledExceptionFilter
VirtualFree
DebugActiveProcess
HeapDestroy
TerminateProcess
VirtualAlloc
SetLastError
GetVersionExA
HeapCreate
GetEnvironmentStringsA
IsBadWritePtr
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateMutexA
GetVolumeInformationA
IsValidLocale
TlsGetValue
GetSystemDefaultLCID
WriteFile
SetHandleCount
GetModuleFileNameA
LCMapStringA
WideCharToMultiByte
MoveFileExA

user32

RegisterClassExA
DlgDirListComboBoxW
CallMsgFilterW
DdeKeepStringHandle
CallMsgFilter
GetGUIThreadInfo
RegisterClassA
DdeGetData
SetScrollRange
EnumPropsExW
CharPrevW

comctl32

InitCommonControlsEx

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29978e2ca9d01560630656e6818bee99

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 7KB - Virtual size: 21KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 7KB - Virtual size: 21KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 9KB - Virtual size: 8KB