c20dec893b104918d15bde5357ffd3a0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c20dec893b104918d15bde5357ffd3a0_JaffaCakes118
Size

156KB
MD5

c20dec893b104918d15bde5357ffd3a0
SHA1

667949293a4b41078d577dba3972e5d7a0655e60
SHA256

546880610c98db4ce7cca0ddc478698cda3a7d62e2eb02957326f4c5c0f8713a
SHA512

683659b4d24223d8c04d07611b4a103f8289ead64a774ed656814661b5f895531a1a885747e48698f98466fe6aafe028cfb920be8f6c54e4a24cda6efe6736e3
SSDEEP

3072:n2O7xBd4tfC4k3XPq3pz8O9LIriOeEyQZtc0UTNzxlkAxH2ah7Vs:n2OKCvv8IOirjeutmNzZH2a4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c20dec893b104918d15bde5357ffd3a0_JaffaCakes118

Files

c20dec893b104918d15bde5357ffd3a0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3fd83ec01834b1a4722b0ed94d43c28a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
LeaveCriticalSection
GetStartupInfoA
GetCommandLineW
ReadProcessMemory
ReadFile
HeapReAlloc
VirtualFree
GetSystemDirectoryA
TlsFree
GetConsoleCP
LoadLibraryW
HeapSize
Module32Next
CreateEventA
WaitForSingleObject
GetEnvironmentVariableA
MulDiv
WriteFile
SetLastError
EnterCriticalSection
DeviceIoControl
ExitProcess
GetModuleHandleW
InitializeCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
GetLocaleInfoA
GetStringTypeA
Module32First
GetEnvironmentStrings
InterlockedDecrement
MapViewOfFile
GetModuleHandleA
lstrcmpiA

user32

SendMessageTimeoutA
SetUserObjectSecurity
MsgWaitForMultipleObjects
GetDlgCtrlID
SetCursor
RegisterClassA
EnumChildWindows
EndPaint
DefDlgProcA
GetMessageA
GetDlgItemTextA
ReleaseCapture
MessageBoxA
TranslateMessage
LoadStringA
GetClientRect
KillTimer
GetMenuItemID
CallWindowProcA
PostMessageA
PeekMessageA
RegisterWindowMessageA
MoveWindow
SetTimer
EmptyClipboard
DestroyIcon
FindWindowA
SetClipboardData
GetClassLongA
RemoveMenu
EndDialog
CreateWindowExA
GetWindowLongA
DrawTextA
ChildWindowFromPoint
EnableWindow
CheckRadioButton
EndDeferWindowPos

msvcrt

_adjust_fdiv
_acmdln
__setusermatherr
__getmainargs
__p__fmode
__set_app_type
_exit
_except_handler3
_controlfp
_initterm
memcpy
exit
__p__commode
_XcptFilter

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fd83ec01834b1a4722b0ed94d43c28a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 188KB

.rsrc Size: 126KB - Virtual size: 125KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 188KB

.rsrc
Size: 126KB - Virtual size: 125KB