Static task: static1
Behavioral task: behavioral1
  Sample: c13c5def7b3aed47979e1b796f153a6c_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: c13c5def7b3aed47979e1b796f153a6c_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: c13c5def7b3aed47979e1b796f153a6c_JaffaCakes118
Size: 860KB
MD5: c13c5def7b3aed47979e1b796f153a6c
SHA1: 56d611ec0258b15038ff43fab0823d0ed32e8452
SHA256: 6c12cf39adeb30247f9e2ee0402a9b1c48c9a069380451c80867b508172ecc81
SHA512: 5cec300ffeb2881ecd427515dc268b65f53f6bd8921a68a8634a4df6249508b08f8c55824d886f8d7277458401920416bd8a640acf7103e41710899a9b9bea07
SSDEEP: 6144:NrJO4iYY4XZpE7P7emry+kp9I+69clHKvjbdyrAL26O+to1:XOlYY4X87DpCp9uprsrF
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: c13c5def7b3aed47979e1b796f153a6c_JaffaCakes118
Files
c13c5def7b3aed47979e1b796f153a6c_JaffaCakes118.exe windows:4 windows x86 arch:x86
eb409445af98b816c01c361c2dd9fec6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
user32
CreateWindowExW
IsWindowVisible
OffsetRect
DrawMenuBar
SetWindowsHookExW
LoadImageA
IsDialogMessageA
ToAscii
NotifyWinEvent
LoadBitmapW
IsClipboardFormatAvailable
GrayStringA
IsCharAlphaNumericA
DestroyWindow
SetWindowLongW
BeginDeferWindowPos
LoadCursorW
GetWindowDC
EnumDisplaySettingsW
GetKeyboardType
DefMDIChildProcW
RegisterClassA
CreateDialogIndirectParamW
MapWindowPoints
SetWindowContextHelpId
InsertMenuItemA
SetProcessWindowStation
SetScrollPos
CharLowerBuffW
GetMessageA
OpenClipboard
CreateDesktopW
GetClassInfoExA
kernel32
EnumCalendarInfoW
DeleteFiber
GetPrivateProfileStringW
SetHandleCount
PurgeComm
CreateProcessA
GetBinaryTypeA
PeekNamedPipe
SetVolumeLabelA
GetEnvironmentVariableW
SetMailslotInfo
CreateEventA
ReadFile
SetLastError
VirtualUnlock
InitializeCriticalSection
GetOverlappedResult
GetFileInformationByHandle
CreateNamedPipeW
EnumTimeFormatsW
IsDBCSLeadByteEx
GetCPInfo
IsBadStringPtrA
CreateMutexA
LeaveCriticalSection
ExpandEnvironmentStringsW
GetVersion
FillConsoleOutputCharacterA
GlobalUnlock
LoadResource
GlobalFree
EnumResourceNamesA
GetShortPathNameA
UnhandledExceptionFilter
CompareStringW
ExitProcess
lstrcpyA
CreateDirectoryExA
ScrollConsoleScreenBufferA
GetDiskFreeSpaceExA
LocalReAlloc
FindNextChangeNotification
GetThreadPriority
SetProcessAffinityMask
WriteProcessMemory
FlushConsoleInputBuffer
FindCloseChangeNotification
WritePrivateProfileSectionA
GetModuleHandleA
GetSystemTime
SetSystemTime
GetTempFileNameA
GetACP
SetFileTime
msvcrt
_read
_wcsupr
_wputenv
_mbsupr
wcscmp
_stat
wcstol
_popen
_snprintf
wcsncmp
_wstrtime
_makepath
strncpy
_ismbcspace
mbtowc
_wtoi64
getenv
_stricmp
wcscspn
Sections
.text - Size: 7KB - Virtual size: 224KB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 3KB - Virtual size: 2KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 613KB - Virtual size: 612KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 17KB - Virtual size: 16KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ