c839abd5ed43038f0339ca2a23b740ba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c839abd5ed43038f0339ca2a23b740ba_JaffaCakes118
Size

448KB
MD5

c839abd5ed43038f0339ca2a23b740ba
SHA1

5b471d4b8647439e587470fc3c9044f0d1b4b028
SHA256

bedbaa70650f5956ba8d911147b3f80e9c554d9f64f3528dd7696104c1dd3a8a
SHA512

f4032ab7f6e13e6c79353a746f50693eb114a835ef690d319e8e91f9b52a6dc8db07386aa0aaf43825b2ed7ed07b7572e159f2234b776434db87d134add05fb8
SSDEEP

12288:qSYOU8vajmz43mIYYM24N3F8Yp9/9Cik/Z2:qSY6ajmz43Fh45LL/0ik

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c839abd5ed43038f0339ca2a23b740ba_JaffaCakes118

Files

c839abd5ed43038f0339ca2a23b740ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

075efad7d5a50e491f858bc3f41ea243

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
ShellExecuteA
CommandLineToArgvW
SheChangeDirA
DragQueryFileA

comdlg32

FindTextA
GetFileTitleA
ChooseColorA
ChooseFontA

kernel32

TerminateProcess
HeapAlloc
GetSystemTimeAsFileTime
GetTickCount
HeapFree
GetCurrentThreadId
HeapDestroy
FreeEnvironmentStringsW
ConnectNamedPipe
LeaveCriticalSection
IsValidLocale
FillConsoleOutputCharacterA
IsValidCodePage
QueryPerformanceCounter
GetCPInfo
GetLastError
InitializeCriticalSection
EnumSystemCodePagesW
HeapCreate
GetCurrentThread
GetLocaleInfoW
GetEnvironmentStrings
MultiByteToWideChar
RtlUnwind
GetCurrentProcessId
GetLocaleInfoA
GetUserDefaultLCID
GetOEMCP
CompareStringW
AllocConsole
LoadLibraryA
EnumSystemLocalesA
UnhandledExceptionFilter
WideCharToMultiByte
WriteFile
LCMapStringA
GetVersionExA
LCMapStringW
TlsFree
GlobalAddAtomW
TlsGetValue
GetStringTypeW
WriteConsoleOutputA
GetDateFormatA
InterlockedExchange
GetStringTypeA
GetVersion
ExitProcess
DeleteCriticalSection
GetModuleHandleA
GetProcAddress
LockFileEx
GetFileType
SetThreadIdealProcessor
GetStdHandle
GetCurrencyFormatW
GetSystemInfo
FindResourceExW
TlsSetValue
FreeEnvironmentStringsA
VirtualAlloc
GetACP
EnterCriticalSection
HeapReAlloc
GetCommandLineA
SetHandleCount
GetStartupInfoA
SetEnvironmentVariableA
GetTimeZoneInformation
OpenFileMappingA
TlsAlloc
GetProcessHeaps
LocalShrink
VirtualProtect
SetLastError
IsBadWritePtr
VirtualFree
GetModuleFileNameA
VirtualQuery
HeapSize
GetEnvironmentStringsW
GetCurrentProcess
SetConsoleActiveScreenBuffer
GlobalHandle
EnumResourceNamesA
CompareStringA
VirtualQueryEx
GetTimeFormatA
OpenSemaphoreA

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

075efad7d5a50e491f858bc3f41ea243

Headers

File Characteristics

Imports

shell32

comdlg32

kernel32

Sections

.text Size: 157KB - Virtual size: 157KB

.rdata Size: 7KB - Virtual size: 22KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 157KB - Virtual size: 157KB

.rdata
Size: 7KB - Virtual size: 22KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 3KB - Virtual size: 3KB