bf7d66be43fcee4afc187e3233b330e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf7d66be43fcee4afc187e3233b330e0_JaffaCakes118
Size

425KB
MD5

bf7d66be43fcee4afc187e3233b330e0
SHA1

f692e2ffb640c8d173ff9fded42a26ae7bc879d4
SHA256

3191ec66fd56e1745b7e85b77b1d90bf50436cb891a8f8596e1d9878c31e605b
SHA512

90a4df9b925fc5138baa99a4107928f2e0e158c0a39f3b0ee751cd780e828082911c7eb855c417bde45100d516081d20d5cf4beb447b8bca51e19f5d3367a636
SSDEEP

12288:TKwVBows3z67uDZTuvMRd3g+wHhrGpWfrU:TKGBowyZkMRcHIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf7d66be43fcee4afc187e3233b330e0_JaffaCakes118

Files

bf7d66be43fcee4afc187e3233b330e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

31293540c44b1c952d2d46177b141917

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
VirtualAlloc
GetCurrentProcessId
GetCurrentThread
InterlockedDecrement
GetEnvironmentStrings
GetACP
CreateFileA
FindClose
InterlockedCompareExchange
WaitForSingleObjectEx
MultiByteToWideChar
GetOEMCP
CreateEventW
GetVersionExA
SetFilePointer
QueryPerformanceCounter
GetModuleHandleA
SetEvent
CreateEventA
CreateFileW
TerminateProcess
GetConsoleMode
GetFileSizeEx
WideCharToMultiByte
GetStringTypeW
SetHandleCount
LocalFree
GetCurrentProcess
EnterCriticalSection
GetStdHandle
WriteFile
FormatMessageW
WaitForSingleObject
ReadFile
HeapDestroy
CompareStringW
CompareStringA
GetLastError
GetCommandLineW
GetTimeZoneInformation
IsValidCodePage
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetProcAddress
ExitProcess
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
GetCPInfo
Sleep
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA

shell32

SHGetIconOverlayIndexA

iphlpapi

DeleteIpForwardEntry

scarddlg

ord4

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31293540c44b1c952d2d46177b141917

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

iphlpapi

scarddlg

Sections

.text Size: 408KB - Virtual size: 407KB

.data Size: 6KB - Virtual size: 28KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 408KB - Virtual size: 407KB

.data
Size: 6KB - Virtual size: 28KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 4KB