d048c2e473ba20f9c1fed3046cc861fc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d048c2e473ba20f9c1fed3046cc861fc_JaffaCakes118
Size

1.5MB
MD5

d048c2e473ba20f9c1fed3046cc861fc
SHA1

4a475d5c1aa8139da32fc1d0fe9aabcbf5c02a37
SHA256

02d36912c68b5756f19d50ac4881ba88211b8852d01422b511b6db0a3d8367bd
SHA512

ca4a569181c1c9ec9f5cb40e82340ae216d4ab60f6dad7edc10d66fcbe9023e5147f5125a4473767b6df6428ba087bf52edad39e5be78c8c1d45bb02b5d0a04e
SSDEEP

49152:uLpD0OBPV1DES+ICcswDwHkjTx/qkC0Jich:uLpb0SsPREP4R6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d048c2e473ba20f9c1fed3046cc861fc_JaffaCakes118

Files

d048c2e473ba20f9c1fed3046cc861fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bed2764c794fa2843e23f3b9478b472c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetCurrentProcessId
GetStartupInfoA
ReadFile
LoadLibraryA
GetCurrentThreadId
HeapAlloc
WriteFile
SetThreadContext
WideCharToMultiByte
TlsAlloc
MultiByteToWideChar
GlobalAddAtomA
VirtualAlloc
GetOEMCP
GetFileType
TlsGetValue
FreeEnvironmentStringsA
IsBadWritePtr
VirtualQuery
GetStdHandle
GetLocaleInfoA
CompareStringA
MoveFileExA
GetModuleHandleA
TlsSetValue
GetCPInfo
GetProcAddress
GetModuleFileNameA
InterlockedExchange
CopyFileA
CreateDirectoryExA
GetTickCount
HeapSize
GetStartupInfoW
GetStringTypeW
GetVersionExA
LoadModule
QueryPerformanceCounter
FlushFileBuffers
GetTimeFormatA
LCMapStringA
GetEnvironmentStrings
ExitProcess
CloseHandle
HeapCreate
GetLocaleInfoW
OpenMutexA
LeaveCriticalSection
GetACP
RtlUnwind
SetStdHandle
GetStringTypeA
EnterCriticalSection
CompareStringW
GetCurrentThread
GetLastError
HeapDestroy
InitializeCriticalSection
HeapReAlloc
GetDateFormatA
EnumSystemLocalesA
GetCurrencyFormatA
CreateMutexA
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
TerminateProcess
TlsFree
FileTimeToSystemTime
SetConsoleMode
GetNumberFormatW
GetCommandLineA
IsValidLocale
GetShortPathNameW
VirtualFree
HeapFree
DeleteCriticalSection
FreeEnvironmentStringsW
ReadConsoleOutputAttribute
LCMapStringW
SetLastError
VirtualProtect
IsValidCodePage
SetEnvironmentVariableA
GetCurrentProcess
GetSystemInfo
SetFilePointer

user32

LoadImageW
OpenDesktopA
ReplyMessage
DestroyCursor
CopyAcceleratorTableA
wsprintfW
WaitMessage
DdeQueryNextServer
TileWindows
GetTabbedTextExtentW
PackDDElParam
SetRectEmpty
SetClassWord
OemToCharBuffA
EndPaint
EnumClipboardFormats
RegisterClassExA
DrawMenuBar
DdeCmpStringHandles
SetThreadDesktop
MonitorFromRect
TabbedTextOutW
GetMessageW
GetKeyboardLayout
RegisterClassA
LookupIconIdFromDirectoryEx

comctl32

ImageList_DragLeave
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_Destroy

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bed2764c794fa2843e23f3b9478b472c

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 244KB - Virtual size: 253KB

.data Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 244KB - Virtual size: 253KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 15KB - Virtual size: 15KB