Static task: static1
Behavioral task: behavioral1
Sample: c96de88e89e2d4366ee66b50c2bf9f81_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: c96de88e89e2d4366ee66b50c2bf9f81_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c96de88e89e2d4366ee66b50c2bf9f81_JaffaCakes118
Size: 181KB
MD5: c96de88e89e2d4366ee66b50c2bf9f81
SHA1: 247898cec1a2f8abe579055ec0d89732668a2022
SHA256: dfc0cdcc163540c63c324f24b05164bc1a49d51e648322ac4fec1d616b8929c6
SHA512: 8c34ba125eef5b7f14471da46d2e775919820249260d9dee075502cc074388c9d09b5c398e20038380bfd8afe279b7afa429395db59713511910bd59c220484a
SSDEEP: 3072:N0GjhlqFovWo8bsOkgjDA3VRgTPsGHXIrdKVrCDQYoAYgm9aB0LEVr3:NbVFg3keARkORgMQzAYp940e
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c96de88e89e2d4366ee66b50c2bf9f81_JaffaCakes118
Files
c96de88e89e2d4366ee66b50c2bf9f81_JaffaCakes118.exe windows:4 windows x86 arch:x86
ba5d8664ca6ebbfa9d332803a481dafd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
lstrlenA
SetFileAttributesA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetStdHandle
HeapSize
FlushFileBuffers
SetFilePointer
ReadFile
LCMapStringW
LCMapStringA
GetCurrentThreadId
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadWritePtr
HeapReAlloc
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetLastError
GetStartupInfoA
GetFileType
GetStdHandle
lstrcmpiA
GetCommandLineA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetOEMCP
Sleep
GetModuleHandleA
GetVersion
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
user32
LoadCursorFromFileA
wsprintfA
GetGUIThreadInfo
FindWindowA
GetScrollRange
GetScrollPos
GetCursorPos
SetCursorPos
GetClientRect
GetDC
MonitorFromRect
ReleaseDC
EnumDisplayMonitors
CopyImage
IsWindowEnabled
PostMessageA
RegisterHotKey
ClientToScreen
GetMonitorInfoA
MonitorFromWindow
MessageBoxA
MonitorFromPoint
GetWindowRect
gdi32
CreateBrushIndirect
comdlg32
GetOpenFileNameA
advapi32
GetUserNameA
shlwapi
PathFileExistsA
PathAppendA
PathBuildRootA
imagehlp
MakeSureDirectoryPathExists
Sections
.text Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ