d0a63504083dbd08bfa72787ce21a677_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0a63504083dbd08bfa72787ce21a677_JaffaCakes118
Size

377KB
MD5

d0a63504083dbd08bfa72787ce21a677
SHA1

a1f8fb462a44c5700f9251f4f456f46d362fc240
SHA256

8be593f924b53d2a35678293697f3b92320787ce9cc319528170d3ace37f330c
SHA512

11ed33039cc139036c6adb55f0e69197bf7e780a8c9474906ff13dec3c6394379343e4c5a80e500b12686254c15826d75ddd3379ffc1baa854271332e43fe150
SSDEEP

6144:xxq7eJ63m6EAywCpUJB3k1G9TKhTJ1TLBt5RES3a4CuPM3J5JNTC:jq7ARTAywCpmujdJ1Lr33CgM3dJC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0a63504083dbd08bfa72787ce21a677_JaffaCakes118

Files

d0a63504083dbd08bfa72787ce21a677_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f45ccc6fb65bd1e823653fa66c301fa2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowOwnedPopups
SetWindowTextW
EndTask
CreateWindowExA
LoadStringW
RegisterClassA
GetMenuItemInfoW
EnableMenuItem
RegisterClassExA
GetShellWindow
CreateMenu
UnregisterClassA

kernel32

QueryPerformanceCounter
SetEnvironmentVariableA
GetCurrentThreadId
GetSystemInfo
CreateMutexA
FlushFileBuffers
CompareFileTime
GetCurrentProcessId
SetStdHandle
TerminateProcess
GetStringTypeW
InterlockedIncrement
GetStartupInfoW
VirtualProtect
RtlUnwind
GetFileAttributesExW
ExitThread
ExitProcess
FreeEnvironmentStringsA
GetCompressedFileSizeW
GetEnvironmentStrings
OutputDebugStringA
CompareStringA
InitializeCriticalSection
OpenMutexA
SetHandleCount
GetCommandLineW
GetCurrentProcess
GetModuleFileNameA
EnumSystemLocalesA
GetACP
IsValidCodePage
HeapDestroy
IsValidLocale
MultiByteToWideChar
GetUserDefaultLCID
LeaveCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapValidate
DebugBreak
GetProcAddress
TlsFree
ReadFile
LCMapStringW
GetTickCount
GetVersionExA
GlobalAlloc
HeapFree
WriteFile
GetTimeZoneInformation
HeapAlloc
SetCurrentDirectoryW
VirtualQuery
GetModuleHandleA
SetFilePointer
WideCharToMultiByte
GetModuleFileNameW
EnumDateFormatsA
HeapReAlloc
InterlockedExchange
GetLocaleInfoW
DeleteCriticalSection
GetFileType
GetLocaleInfoA
GetCommandLineA
GetTimeFormatA
SetLastError
GetStringTypeA
SetCurrentDirectoryA
InterlockedDecrement
IsBadWritePtr
UnhandledExceptionFilter
GetLastError
ConnectNamedPipe
LCMapStringA
EnterCriticalSection
SetConsoleCtrlHandler
IsBadReadPtr
VirtualAlloc
TlsSetValue
GetCPInfo
GetStdHandle
LoadLibraryA
CompareStringW
GetStartupInfoA
VirtualFree
GetCurrentThread
TlsGetValue
HeapCreate
GetSystemTimeAsFileTime
GetOEMCP
GetDateFormatA
CloseHandle
TlsAlloc

comctl32

InitCommonControlsEx

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA
DragAcceptFiles
SheGetDirA
SheChangeDirA

Sections

.text
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f45ccc6fb65bd1e823653fa66c301fa2

Headers

File Characteristics

Imports

user32

kernel32

comctl32

shell32

Sections

.text Size: 211KB - Virtual size: 211KB

.rdata Size: 11KB - Virtual size: 32KB

.data Size: 148KB - Virtual size: 147KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 211KB - Virtual size: 211KB

.rdata
Size: 11KB - Virtual size: 32KB

.data
Size: 148KB - Virtual size: 147KB

.rsrc
Size: 5KB - Virtual size: 4KB