d0b322c33dd13a62dfbf3af1d74135d3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d0b322c33dd13a62dfbf3af1d74135d3_JaffaCakes118
Size

518KB
MD5

d0b322c33dd13a62dfbf3af1d74135d3
SHA1

3b97147ce8b5de11356e580aa3051047bd2478b5
SHA256

4c26348b38455ef6c826816f63ca8f482629cc3b876fd341dda90efa0e94ebb5
SHA512

1294ad98d342252db3d025c1ff256514c11158c0efd236daffbfe0ebdbe3b42ceb88c84f61959867af7b80fd0ee8161d62200c478c367849ce46084e030a9247
SSDEEP

12288:NzluZIn3PXEI1gEftMuw63Uc89fpf6p59FzxJh1SylU+6Z0:ZTn/P1gEftvx8B+FxJh1SylU+K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0b322c33dd13a62dfbf3af1d74135d3_JaffaCakes118

Files

d0b322c33dd13a62dfbf3af1d74135d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22b99a1eabd235dcfad9ff54dd891a8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetScrollInfo
LoadMenuIndirectW
GetKeyNameTextA
GetWindow
SetWindowLongW
MessageBoxA
IsCharAlphaNumericA
EmptyClipboard
DdeUnaccessData
LoadCursorA
RegisterClassExA
RemovePropW
EnumPropsA
DrawFocusRect
PostMessageW
DdeUninitialize
MapVirtualKeyA
DdeCreateStringHandleA
IsCharLowerW
RegisterClassA
CreateIconFromResourceEx
InvalidateRgn
SetTimer
GetLastActivePopup
ActivateKeyboardLayout
CharPrevA
GetWindowTextLengthW

kernel32

GlobalFindAtomW
GetStartupInfoW
GetConsoleOutputCP
TlsFree
GetDateFormatW
GetWindowsDirectoryW
TlsAlloc
GetModuleHandleA
QueryPerformanceCounter
UnhandledExceptionFilter
MoveFileExW
FreeEnvironmentStringsA
GetModuleFileNameW
GetStdHandle
IsValidLocale
GetEnvironmentVariableA
GetConsoleMode
GetACP
VirtualFree
TlsGetValue
GetCPInfo
EnterCriticalSection
GetLocaleInfoW
CreateFileA
CompareStringW
SetFilePointer
ExitProcess
HeapAlloc
WriteConsoleW
GetTimeZoneInformation
GetDateFormatA
SetUnhandledExceptionFilter
FreeLibrary
GetProcAddress
IsDebuggerPresent
TerminateProcess
MultiByteToWideChar
InterlockedDecrement
EnumSystemLocalesA
CreateDirectoryA
TlsSetValue
GetStartupInfoA
GetCurrentThreadId
FindFirstFileA
FreeEnvironmentStringsW
GetCurrentThread
WriteConsoleA
GetLastError
GetOEMCP
GetFileType
HeapReAlloc
CloseHandle
SetStdHandle
InterlockedExchange
GetStringTypeW
CreateMutexA
GetCurrentProcessId
HeapCreate
lstrcpynA
VirtualQuery
RtlUnwind
RtlFillMemory
GetVersionExA
SetEnvironmentVariableA
GetProcessHeap
IsValidCodePage
FlushFileBuffers
GetProfileSectionW
SetLastError
SetConsoleCP
GetTickCount
WriteConsoleOutputCharacterW
LoadLibraryA
WriteFile
LCMapStringW
DeleteFileA
DeleteCriticalSection
VirtualAlloc
GetLocaleInfoA
OpenMutexA
GetEnvironmentStrings
CreateSemaphoreA
GetEnvironmentStringsW
GetCommandLineA
GetCurrentProcess
WriteProfileSectionA
InterlockedIncrement
GetUserDefaultLCID
GetCommandLineW
LCMapStringA
LeaveCriticalSection
InitializeCriticalSection
SetPriorityClass
GetStringTypeA
WideCharToMultiByte
Sleep
ReadFile
SetConsoleCtrlHandler
LocalLock
CompareStringA
SetHandleCount
HeapFree
HeapSize
GetSystemTimeAsFileTime
GetConsoleCP
GetModuleFileNameA
HeapDestroy
GetTimeFormatA

comctl32

InitCommonControlsEx

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22b99a1eabd235dcfad9ff54dd891a8a

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 10KB - Virtual size: 25KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 10KB - Virtual size: 25KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 6KB - Virtual size: 6KB