d448a6fe2568da54a8a8e8a7d2010166_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d448a6fe2568da54a8a8e8a7d2010166_JaffaCakes118
Size

519KB
MD5

d448a6fe2568da54a8a8e8a7d2010166
SHA1

40fe23f87a10a1876c616013693277add64a5b33
SHA256

f447b33799f73d9e0f4352a42f37418188cd13985831842eb0b728db72a432cd
SHA512

ca7d620c48a73a04235ca3bfd7c21aba80e1eef49d03892e2db8d4eb5203212e0dd8c052fe8bf9f59d73923ee5ad0abc66807a6f54909d05f84a13bab89f0edc
SSDEEP

12288:xwqFXRHkahTX6cwD5456Wc/elPYgWBlBQZd3Url:CqxRHrhOcwD545Lc/AwgaYPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d448a6fe2568da54a8a8e8a7d2010166_JaffaCakes118

Files

d448a6fe2568da54a8a8e8a7d2010166_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9e55098a74eafd41548acc358f12002

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

DrawCaption
SetWindowTextA
LoadMenuIndirectW
RegisterClassExA
RegisterClassA
CharPrevA
GetClassWord
RemovePropA

kernel32

EnumSystemLocalesA
FileTimeToDosDateTime
SetHandleCount
GetUserDefaultLCID
UnhandledExceptionFilter
SetLastError
QueryPerformanceCounter
CloseHandle
LCMapStringW
GetEnvironmentStrings
VirtualProtect
GetFileType
SetFilePointer
WriteFile
GetStringTypeW
GetCurrentThreadId
InitializeCriticalSection
GetEnvironmentStringsW
VirtualQuery
EnterCriticalSection
GetProcAddress
GetCommandLineA
GetCurrentProcessId
GetStdHandle
GetTickCount
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetCPInfo
GetCurrentProcess
GetLocaleInfoA
LoadLibraryA
IsBadWritePtr
FlushFileBuffers
RtlUnwind
IsValidCodePage
TerminateProcess
HeapSize
FindAtomW
InterlockedExchange
HeapCreate
DeleteCriticalSection
HeapDestroy
SetStdHandle
MultiByteToWideChar
ReadFile
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
TlsAlloc
IsValidLocale
ExitProcess
VirtualAlloc
GetStringTypeA
LeaveCriticalSection
GetACP
WideCharToMultiByte
HeapReAlloc
CreateMutexA
CompareStringA
GetCurrentThread
TlsGetValue
GlobalHandle
GetVersionExA
GetModuleFileNameA
GetModuleHandleA
GetSystemTimeAsFileTime
LCMapStringA
GetTimeZoneInformation
HeapFree
TlsFree
GetSystemInfo
GetStartupInfoA
GetOEMCP
TlsSetValue
CompareStringW
VirtualFree
HeapAlloc
OpenMutexA
GetLastError
FreeEnvironmentStringsA

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9e55098a74eafd41548acc358f12002

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 186KB - Virtual size: 186KB

.rdata Size: 7KB - Virtual size: 18KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 186KB - Virtual size: 186KB

.rdata
Size: 7KB - Virtual size: 18KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 10KB - Virtual size: 10KB