d281715562f2e058ac6a16f04b4a96e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d281715562f2e058ac6a16f04b4a96e8_JaffaCakes118
Size

527KB
MD5

d281715562f2e058ac6a16f04b4a96e8
SHA1

74642a7974f96001eeba03881021cf04151dbe17
SHA256

4e1a7a0fcb92f88829f942538307d11b61c468d52142c74d0373b3a39ae2f159
SHA512

90b6e4ab702481c53905dfeb341c6f961d2daabf2278362a461e3a4e644d7fda4cdd945c06f636e0da603c3ed69715cf73a800196c9b1ebb341772e8ce626e06
SSDEEP

12288:4kzv6cUvIjKp1egXM1jjkrW+Po5I3PVb/B1+OD5:7zicUvHwn1jjkrW+Po58tTH5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d281715562f2e058ac6a16f04b4a96e8_JaffaCakes118

Files

d281715562f2e058ac6a16f04b4a96e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ad6b3c6ce5421841db496ef28217286

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuInfo
IsCharAlphaNumericW
SendInput
EnumPropsA
SetRect
SendIMEMessageExW
GetForegroundWindow
RegisterClassExA
RegisterClassA
GetCursorPos
LoadBitmapA
SetSystemCursor
DialogBoxParamW
DefFrameProcW
DrawFrameControl
IsCharUpperA
GetMessageTime
EndDialog
UnregisterDeviceNotification
OemToCharA
GetMenuState

comctl32

InitCommonControlsEx

kernel32

GetEnvironmentStringsW
EnterCriticalSection
GetConsoleCP
VirtualQuery
WritePrivateProfileStructW
GetCurrentProcessId
SetUnhandledExceptionFilter
GlobalFlags
TlsSetValue
GetStringTypeW
WriteConsoleA
TerminateProcess
GetModuleFileNameW
FlushFileBuffers
UnhandledExceptionFilter
GetDateFormatA
GetProcAddress
HeapSize
SetEnvironmentVariableA
GetCurrentProcess
LCMapStringW
GetTickCount
SetFilePointer
SetHandleCount
VirtualAlloc
GetConsoleOutputCP
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
CreateFileA
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsW
GetCurrentThread
GetCurrentThreadId
WriteConsoleW
WideCharToMultiByte
SetStdHandle
GetSystemDefaultLCID
InterlockedExchange
WriteFile
CloseHandle
ExitProcess
GetACP
ReadFile
HeapFree
LeaveCriticalSection
CompareStringW
MultiByteToWideChar
GetOEMCP
GetSystemTimeAsFileTime
TlsAlloc
GetLocaleInfoA
GetModuleFileNameA
GetTimeFormatA
CreateMutexA
IsValidLocale
LoadLibraryA
GetFileType
EnumSystemLocalesA
GetModuleHandleW
GetModuleHandleA
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
OpenMutexA
HeapDestroy
TlsFree
Sleep
GetTimeZoneInformation
GetCommandLineA
GetStartupInfoW
GetStdHandle
GetLocaleInfoW
LCMapStringA
FreeLibrary
VirtualFree
RtlUnwind
HeapAlloc
GetLastError
GetConsoleMode
CompareStringA
IsValidCodePage
SetLastError
GetStringTypeA
IsDebuggerPresent
TlsGetValue
GetCommandLineW
GetUserDefaultLCID
GetCPInfo
HeapCreate
LocalAlloc

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ad6b3c6ce5421841db496ef28217286

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 192KB - Virtual size: 192KB

.rdata Size: 9KB - Virtual size: 13KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 9KB - Virtual size: 13KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 10KB - Virtual size: 9KB