d226ff9f8be818bea5cfef3007ce6c3e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d226ff9f8be818bea5cfef3007ce6c3e_JaffaCakes118
Size

268KB
MD5

d226ff9f8be818bea5cfef3007ce6c3e
SHA1

94900c1b24b03f087206b78e99fde0b1ee9eaf0e
SHA256

b66e5aebe38403fee593e1fe0d85513bfd688b926d762c618fce5864821f400c
SHA512

89122d8d0a936fe073f074aed256a22a5e662ac31597936f4b257e55f28333f409b122583340fcbf94ef268cbdff64939038c9826c3ada4971e68a2b3a346858
SSDEEP

3072:iJ64dCfmyfm89HofYh4Cdx3/mMHoed8X1OBeUgR6zEHYBhMrDNelZc/d:i0mSmcS+LP/yR1c4YkKK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d226ff9f8be818bea5cfef3007ce6c3e_JaffaCakes118

Files

d226ff9f8be818bea5cfef3007ce6c3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

befe3eb6a7b6a61707f13e6504d6edbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
SetWindowPos
DialogBoxParamA
EndDialog
MessageBoxA
GetWindowTextA
GetDlgItem
SendMessageA
EnableWindow
wsprintfA
GetDesktopWindow
GetWindowRect
GetClientRect
GetSystemMetrics

comdlg32

GetOpenFileNameA

kernel32

CloseHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
SetEndOfFile
GetLocaleInfoW
GetDateFormatA
GetTimeFormatA
InterlockedExchange
GetOEMCP
GetACP
LoadLibraryA
CreateFileA
SetStdHandle
SetConsoleCtrlHandler
VirtualQuery
HeapAlloc
HeapFree
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetProcAddress
TerminateProcess
GetCurrentProcess
ReadFile
WriteFile
SetUnhandledExceptionFilter
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

befe3eb6a7b6a61707f13e6504d6edbe

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 12KB - Virtual size: 15KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 12KB - Virtual size: 15KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 28KB - Virtual size: 27KB