c77c17056f4feb70895c45c4c3d3a7c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c77c17056f4feb70895c45c4c3d3a7c8_JaffaCakes118
Size

304KB
MD5

c77c17056f4feb70895c45c4c3d3a7c8
SHA1

8a288152a8ea21a2e676bf8aea810f8d254f01c5
SHA256

7c9ab90f3b15f6a4aff8165ce23091ee7144d031bc8a0867c3d798622737e2b3
SHA512

a4bd99954f2290644701b292d13ed0aab4cac66738ae2b92abaa1a6883aae8dc176c3dd12ab61aa482106db88a59aa3577782747410c8e8bcd87aecff8f59366
SSDEEP

6144:7qXTtP2zVR+JYe4GABA7oJI46jkDFaFcOCXx:ctwsL4GAW7oybj48uOCXx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c77c17056f4feb70895c45c4c3d3a7c8_JaffaCakes118

Files

c77c17056f4feb70895c45c4c3d3a7c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

495304b8d97184435324799b6d111e0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\e

Imports

user32

GetLastActivePopup
CreateWindowExA
RegisterClassA
GetClassLongA
GetNextDlgGroupItem
InsertMenuItemA
DestroyWindow
RegisterClassExW
HideCaret
RegisterClassExA
OpenInputDesktop
SetWindowsHookExA
SetMenuItemInfoW
TabbedTextOutW
DefMDIChildProcW
GetForegroundWindow
ShowWindow
GetWindowLongW
DefWindowProcW
BroadcastSystemMessageW
GetOpenClipboardWindow
DialogBoxParamA
GetClipboardOwner
IsCharAlphaW
GetCaretBlinkTime
MessageBoxW
GetQueueStatus
GetMessagePos
GetMenuBarInfo
IsDialogMessageW

comctl32

ImageList_DragLeave
DrawStatusText
DrawInsert
ImageList_Destroy
InitCommonControlsEx

kernel32

LeaveCriticalSection
RtlUnwind
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetModuleFileNameA
VirtualQuery
EnterCriticalSection
LCMapStringA
GetTickCount
HeapAlloc
GetTimeZoneInformation
HeapReAlloc
MultiByteToWideChar
WideCharToMultiByte
lstrlen
GetModuleHandleA
GetCurrentThread
GetStringTypeW
CreateMutexA
RtlFillMemory
FreeEnvironmentStringsA
SetEnvironmentVariableA
SetLastError
TlsGetValue
TerminateProcess
GetLastError
TlsAlloc
GetACP
GetEnvironmentStrings
GetFileType
ExitProcess
HeapFree
CloseHandle
InterlockedIncrement
GetVersion
SetStdHandle
TlsSetValue
GetCurrentProcess
SetHandleCount
CompareStringW
FillConsoleOutputAttribute
VirtualFree
ReadFile
WriteFile
LCMapStringW
GetStartupInfoA
InitializeCriticalSection
SetFilePointer
GetStartupInfoW
GetLocalTime
HeapDestroy
GetCPInfo
GetStringTypeA
GetStdHandle
IsBadWritePtr
WriteConsoleOutputCharacterW
GetCurrentThreadId
InterlockedExchange
GlobalFindAtomA
CompareStringA
GetSystemTime
HeapCreate
VirtualAlloc
DeleteCriticalSection
OpenMutexA
GetProcAddress
CreateSemaphoreW
QueryPerformanceCounter
LoadLibraryA
GetCommandLineA
InterlockedDecrement
GetCurrentProcessId
TlsFree
GetOEMCP
FreeEnvironmentStringsW
FlushFileBuffers
GetEnvironmentStringsW

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

495304b8d97184435324799b6d111e0e

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 84KB - Virtual size: 112KB

.rsrc Size: 80KB - Virtual size: 79KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 84KB - Virtual size: 112KB

.rsrc
Size: 80KB - Virtual size: 79KB