c8dfd912e89a5dd683a76618df707183_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8dfd912e89a5dd683a76618df707183_JaffaCakes118
Size

553KB
MD5

c8dfd912e89a5dd683a76618df707183
SHA1

bf8cd1e48c692bcd0821e866bb417bb5c63d2e53
SHA256

01863262fbbfcdfcffdaa9b3999cf31d18606f603888e17c52b67333a2a22901
SHA512

c774576b4c4ccc7d69ead8ea4b41f21077c9e8b591c8776b055779e77f4b98c226e95e66dfbe3bd7a3713c7f9a97d0f7a1eb5e24e0a4526fc369776207288ee6
SSDEEP

12288:Ki0bNZe2lPJhWFX3srfWv/nw3j2nVKEz8:KXbfe2lPJWnsreHwKz8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8dfd912e89a5dd683a76618df707183_JaffaCakes118

Files

c8dfd912e89a5dd683a76618df707183_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e165200064369950dad9e9d664ba1445

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

RegisterClassA
GetMessageA
RegisterClassExA

kernel32

GetLocalTime
GetSystemDefaultLCID
GetACP
IsBadReadPtr
IsBadWritePtr
GetLastError
FreeEnvironmentStringsW
DuplicateHandle
RtlUnwind
GetStdHandle
LocalAlloc
lstrcpyW
GetCurrentThread
GetStringTypeW
GetThreadPriority
ReadFile
SetConsoleCtrlHandler
FreeLibrary
HeapCreate
VirtualFree
GetVersion
TransmitCommChar
WriteFile
CompareFileTime
InterlockedDecrement
InitializeCriticalSection
GetTickCount
GetPrivateProfileSectionNamesA
InterlockedExchange
SetStdHandle
InterlockedIncrement
GetNamedPipeInfo
GetTimeZoneInformation
GetEnvironmentStringsW
CompareStringW
SetHandleCount
CreateMutexA
OutputDebugStringA
EnterCriticalSection
GetModuleFileNameA
HeapReAlloc
SetFilePointer
EnumCalendarInfoExW
GetCurrentProcess
FlushFileBuffers
HeapDestroy
GetCPInfo
HeapValidate
HeapFree
SetLastError
CloseHandle
OpenMutexA
TlsGetValue
GetCurrentProcessId
lstrcpynA
CompareStringA
LCMapStringA
LCMapStringW
TlsSetValue
QueryPerformanceCounter
DeleteCriticalSection
UnhandledExceptionFilter
GetFileType
GetEnvironmentStrings
WaitForDebugEvent
SetConsoleWindowInfo
GetProcAddress
WideCharToMultiByte
TlsFree
TerminateProcess
LeaveCriticalSection
DebugBreak
GetSystemTime
VirtualAlloc
LoadLibraryA
GetCurrentDirectoryW
GetCurrentThreadId
FreeEnvironmentStringsA
GetStartupInfoA
ExitProcess
VirtualQuery
GetStringTypeA
GetModuleHandleA
GetSystemTimeAsFileTime
WritePrivateProfileStringA
LoadLibraryExA
TlsAlloc
HeapAlloc
GetCommandLineA
MultiByteToWideChar
GetOEMCP
SetEnvironmentVariableA
GetConsoleOutputCP

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e165200064369950dad9e9d664ba1445

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 179KB - Virtual size: 179KB

.rdata Size: 7KB - Virtual size: 24KB

.data Size: 356KB - Virtual size: 355KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 179KB - Virtual size: 179KB

.rdata
Size: 7KB - Virtual size: 24KB

.data
Size: 356KB - Virtual size: 355KB

.rsrc
Size: 10KB - Virtual size: 9KB