d12350bf2d4106a5ff99b99ec1e75c7a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d12350bf2d4106a5ff99b99ec1e75c7a_JaffaCakes118
Size

340KB
MD5

d12350bf2d4106a5ff99b99ec1e75c7a
SHA1

782b66cb364550a53ead5545c41245c57edc56d8
SHA256

1a4528b477ae7b42df04ee3f1e2abcc12d89be316262ab8b852fdf90a644c012
SHA512

00514b008f4b48f80c57666ce2d5b4f64359cb1341fbe5bcb7d2cdc5fcbbd677da2f1ad1e83142841cd0bcaded8bd07acfb0d5be565eff54cce221835589711d
SSDEEP

6144:PP3690RlRZSUR1K5kdJATjhVy9fbWqUSopXJh3PB0/R5WX4cC:X36uXTLMDTNV8KqOpX/3PB0/y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d12350bf2d4106a5ff99b99ec1e75c7a_JaffaCakes118

Files

d12350bf2d4106a5ff99b99ec1e75c7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c15587ecac0d8430d7394096a4f2ac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
FindFirstFileW
DeleteCriticalSection
InterlockedExchange
FindFirstFileExW
InterlockedDecrement
GetProfileSectionW
FillConsoleOutputCharacterA
GetFileType
ExitProcess
SetFilePointer
GetPrivateProfileIntW
GetModuleHandleA
ReadFile
WriteConsoleA
CreatePipe
RtlUnwind
LCMapStringW
GetVersion
RaiseException
FindNextChangeNotification
GlobalFlags
GlobalReAlloc
GetStdHandle
GetEnvironmentStrings
GlobalFindAtomA
GlobalFix
LCMapStringA
GlobalLock
GetEnvironmentStringsW
GetPrivateProfileSectionW
LocalShrink
GetCurrencyFormatW
TransmitCommChar
LoadResource
InterlockedIncrement
GetCurrentThread
GetStringTypeW
SetStdHandle
GetStartupInfoW
GetFileAttributesExW
FindResourceExW
WaitCommEvent
RtlMoveMemory
UnhandledExceptionFilter
GetModuleFileNameW
CloseHandle
EnumDateFormatsExW
QueryPerformanceCounter
CreateEventA
DeleteFileW
CreateThread
GetCurrentThreadId
FreeEnvironmentStringsW
CompareStringW
WriteConsoleOutputAttribute
OpenFileMappingA
IsBadWritePtr
VirtualQuery
CreateDirectoryA
EnterCriticalSection
GetSystemTime
WriteProfileStringW
GetLogicalDrives
CreateDirectoryExA
GetSystemDirectoryA
TlsFree
GetConsoleCursorInfo
SetFileAttributesW
OpenMutexA
SetEvent
UnmapViewOfFile
GetUserDefaultLangID
SetThreadAffinityMask
CompareStringA
WriteConsoleW
FreeEnvironmentStringsA
GetCurrentProcess
FindAtomW
TerminateProcess
SetLastError
SetConsoleOutputCP
EnumSystemLocalesA
SetEnvironmentVariableA
GetLocalTime
WideCharToMultiByte
GetCurrentProcessId
HeapReAlloc
GetAtomNameA
GetSystemTimeAsFileTime
GetProcAddress
FormatMessageA
lstrcpyW
GetCPInfo
WriteFile
GetLastError
InitializeCriticalSection
FlushFileBuffers
VirtualAlloc
GetCommandLineA
GlobalUnlock
GetTimeZoneInformation
SetConsoleTitleA
ReadConsoleInputW
GetPrivateProfileIntA
CreateMutexA
GetDriveTypeA
TlsAlloc
GetTickCount
HeapFree
WriteProfileSectionW
LocalFlags
GetProcessAffinityMask
EnumCalendarInfoW
GetStringTypeA
SetHandleCount
CopyFileExA
RemoveDirectoryA
ReadConsoleW
UnlockFile
lstrcmpi
MultiByteToWideChar
GetStartupInfoA
EnumTimeFormatsW
GetModuleFileNameA
LoadLibraryA
HeapDestroy
GetCommandLineW
LeaveCriticalSection
UnlockFileEx
WriteConsoleOutputCharacterW
GetACP
AddAtomW
GetProcessHeaps
CreateProcessA
EnumTimeFormatsA
TlsSetValue
VirtualFree
HeapAlloc
HeapCreate

user32

ShowWindowAsync
RegisterClipboardFormatW
EmptyClipboard
EnumDisplaySettingsExA
ScrollWindow
GetScrollRange
GetClassNameW
OpenClipboard
IsCharLowerW
DefWindowProcW
RegisterClassA
LoadBitmapW
SetWindowTextA
RegisterClassExA
ShowWindow
DestroyWindow
CreateWindowExA
DdeAddData
GetCursorPos
SetMenuItemInfoA
MessageBoxW
CreateAcceleratorTableA
SetCaretPos
DdeUnaccessData

gdi32

CreateEnhMetaFileA

comctl32

ImageList_SetOverlayImage
DrawStatusTextW
InitCommonControlsEx
ImageList_SetFlags
ImageList_SetDragCursorImage
CreateMappedBitmap
ImageList_LoadImageW
ImageList_DragMove
ImageList_LoadImageA
DestroyPropertySheetPage
ImageList_GetBkColor
ImageList_GetIcon
ImageList_Destroy

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c15587ecac0d8430d7394096a4f2ac1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 92KB - Virtual size: 115KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 92KB - Virtual size: 115KB

.rsrc
Size: 24KB - Virtual size: 23KB