bfebf7c20eb5011df61bdb7e923e45b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bfebf7c20eb5011df61bdb7e923e45b2_JaffaCakes118
Size

483KB
MD5

bfebf7c20eb5011df61bdb7e923e45b2
SHA1

04c8a47e3c72a7fd20b050bd924cf57c2dfd884c
SHA256

73852acb0522b68c20b9c90bac4de253c0eaa9a7646999ee5b7d844c727b3dbf
SHA512

80ac1c2d88e9ecee0d30dae8e82e949c3742bb02f6877f51f09851928372a54be2877fc970bead8e91e114635f11353e6d1f2ceb29b4cec17b79346b75ae5056
SSDEEP

12288:NBi5h86yuBZIu1ELydTj+vxaEz0hlpJfkeouYZX:NBigSZYWTj+Nz0fphke+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfebf7c20eb5011df61bdb7e923e45b2_JaffaCakes118

Files

bfebf7c20eb5011df61bdb7e923e45b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f425698225a0dfbaac37b54cf79c33db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMenu
LockWindowUpdate
RegisterClassExA
EnumThreadWindows
GetMenuItemRect
BlockInput
RegisterClassA
CharLowerBuffA

comctl32

InitCommonControlsEx

kernel32

GetStartupInfoA
LCMapStringA
OpenMutexA
lstrcpyA
GetStringTypeA
TlsSetValue
HeapCreate
HeapAlloc
LoadLibraryA
GetStdHandle
CompareStringW
FreeEnvironmentStringsA
QueryPerformanceCounter
GetModuleHandleA
IsBadReadPtr
GetFileType
IsBadWritePtr
GetCurrentThreadId
GetCommandLineA
InterlockedDecrement
GetSystemTime
TlsAlloc
MultiByteToWideChar
GetLastError
SetEnvironmentVariableA
TlsGetValue
GetCurrentThread
HeapReAlloc
GetProcAddress
WideCharToMultiByte
GetCurrentProcess
ReadFile
SetLastError
FindResourceExW
WriteFile
GetOEMCP
HeapFree
VirtualAlloc
LCMapStringW
SetStdHandle
VirtualQuery
FlushFileBuffers
GetCurrentProcessId
InterlockedExchange
GetTickCount
FreeEnvironmentStringsW
InterlockedIncrement
TerminateProcess
GetVersion
TlsFree
CloseHandle
CreateMutexA
LeaveCriticalSection
GetEnvironmentStrings
DeleteCriticalSection
ExitProcess
GetModuleFileNameA
SetHandleCount
EnterCriticalSection
GetTimeZoneInformation
GetNumberFormatA
VirtualFree
RtlUnwind
GetSystemTimeAsFileTime
GetACP
SetTimeZoneInformation
UnhandledExceptionFilter
GetCPInfo
HeapDestroy
InitializeCriticalSection
FillConsoleOutputCharacterA
SetFilePointer
GetStringTypeW
ExpandEnvironmentStringsW
GetFileAttributesExA
GetEnvironmentStringsW
GetLocalTime
CompareStringA

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f425698225a0dfbaac37b54cf79c33db

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 3KB - Virtual size: 32KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 3KB - Virtual size: 32KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 10KB - Virtual size: 9KB