c7b7a01fa75e3e4c23bba5c9d09a549e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7b7a01fa75e3e4c23bba5c9d09a549e_JaffaCakes118
Size

227KB
MD5

c7b7a01fa75e3e4c23bba5c9d09a549e
SHA1

e5380affb0ef18a3ffa10bcd52d4df9a003420d9
SHA256

730d1bcc5f28a93afe69cd830e951304256f7caba2cd7407c5d2fb1f4b86cf66
SHA512

4706a97c7bef41cd39e4f860e8618ccb4325e954d2c7a7e77a585f408fc99f927110ab43ae64a44e2bc1f45dc8219c5e38a71b866f3d9140089620eb9c07a8cc
SSDEEP

6144:RgJ0eqJ1qwoo5zCQZRXgiSvrjQwx6wSqUR:G0eqJgwNzVJSDswaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7b7a01fa75e3e4c23bba5c9d09a549e_JaffaCakes118

Files

c7b7a01fa75e3e4c23bba5c9d09a549e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f54e458d1e07578edfa839545539fea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
CompareFileTime
HeapCreate
FindNextFileW
RtlUnwind
GetLocaleInfoW
SetConsoleTitleA
GetCurrentProcess
GetEnvironmentStrings
VirtualAlloc
InitializeCriticalSection
GetUserDefaultLCID
HeapReAlloc
GetCommandLineA
ConnectNamedPipe
GetCPInfo
CompareStringA
HeapSize
GetModuleFileNameA
DeleteCriticalSection
GetLocaleInfoA
ExitProcess
FreeEnvironmentStringsA
GetLastError
WideCharToMultiByte
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetEnvironmentStringsW
LockResource
GetStringTypeA
QueryPerformanceCounter
SetLastError
LCMapStringA
UnlockFileEx
IsValidLocale
SetEnvironmentVariableA
LoadResource
HeapAlloc
GetCurrentThread
HeapFree
ReadConsoleOutputA
VirtualFree
GetCurrentProcessId
GetSystemInfo
GetModuleFileNameW
VirtualProtect
LeaveCriticalSection
GetStdHandle
WaitForDebugEvent
FreeEnvironmentStringsW
GetOEMCP
CompareStringW
TlsGetValue
LCMapStringW
ReadConsoleInputW
GetDriveTypeA
UnhandledExceptionFilter
TlsSetValue
TlsFree
MapViewOfFileEx
InterlockedDecrement
IsValidCodePage
WriteFile
EnumDateFormatsExA
GetFileSize
GetStartupInfoW
GetProcAddress
GetACP
GetCommandLineW
GetVersionExW
GetVersionExA
InterlockedExchange
GetStringTypeW
TlsAlloc
GetDateFormatA
VirtualQuery
SetHandleCount
MultiByteToWideChar
GetSystemDirectoryW
HeapDestroy
GetCurrentThreadId
GetTimeFormatA
ReleaseSemaphore
TerminateProcess
EnumSystemLocalesA
GetTimeZoneInformation
CreateFileA
GetModuleHandleA
IsBadWritePtr
GetFileType
GetStartupInfoA
WaitNamedPipeA

advapi32

RegReplaceKeyW

comdlg32

PrintDlgW
PageSetupDlgA
PageSetupDlgW
GetOpenFileNameW
FindTextA
ReplaceTextW
ChooseFontW
ChooseColorW
FindTextW
GetOpenFileNameA
LoadAlterBitmap

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 730B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f54e458d1e07578edfa839545539fea

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

Sections

.text Size: 115KB - Virtual size: 115KB

.data Size: 110KB - Virtual size: 124KB

.rsrc Size: 1024B - Virtual size: 730B

.text
Size: 115KB - Virtual size: 115KB

.data
Size: 110KB - Virtual size: 124KB

.rsrc
Size: 1024B - Virtual size: 730B