d50b17728287ac7a0c31d80e9c58fa98_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d50b17728287ac7a0c31d80e9c58fa98_JaffaCakes118
Size

156KB
MD5

d50b17728287ac7a0c31d80e9c58fa98
SHA1

cdb00482a1f91be283bf1259c44954e29b697cbc
SHA256

cabc9fd85b29d098e09cf4f45775e6b9b35b9dc26299c91b6b3a7d4da19ab6ef
SHA512

ac22fa19363c83bad1e6db02731fac43481f9ca1a976dafa500d8b0b6622a223b261fd5673c31afcb7fd36dbbb0d6c48b7daa2e4d18cbb608428d90b8c17d69f
SSDEEP

3072:XbJxYf2JVIigh1SCJ+ilcni4Y1UIubTQwyxI6yR2Ge0ujCk7fnrEZm:XVxu2vIiwPJ+WGVY1UIPm2Ge0WCkfnoZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d50b17728287ac7a0c31d80e9c58fa98_JaffaCakes118

Files

d50b17728287ac7a0c31d80e9c58fa98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b16f2925486c4ba84cbe1d7d6d1aa435

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoInitialize

msvfw32

ICInfo

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW

kernel32

CreateFileA
IsProcessorFeaturePresent
CreateProcessW
FreeEnvironmentStringsA
GetModuleHandleA
FlushFileBuffers
lstrcmpA
CloseHandle
lstrlenA
GetTempFileNameW
LocalAlloc
InitializeCriticalSection
GetVDMCurrentDirectories
GetModuleFileNameA
WritePrivateProfileSectionW
CreateFileW
VirtualFree
GetFileAttributesW
GetStringTypeW
GetSystemTimeAsFileTime
IsDebuggerPresent
GetSystemDirectoryW
Sleep
GetCurrentThreadId
SizeofResource
TlsFree
GetLastError
GetACP
GetEnvironmentStrings
GetProcessHeap
GetVersionExW
FreeLibrary
FreeEnvironmentStringsW
InterlockedIncrement
GetFileType
LCMapStringA
WriteConsoleW
LoadLibraryW
LoadResource
WideCharToMultiByte
GetConsoleOutputCP
SetLastError
HeapAlloc
SetThreadPriorityBoost
EnterCriticalSection
TlsGetValue
VirtualAlloc
GetVersionExA
RaiseException
HeapReAlloc
GetEnvironmentStringsW
GetProcAddress
GetStdHandle
InterlockedDecrement
GetConsoleMode
GetModuleFileNameW
LoadLibraryA
HeapDestroy
DeleteFileW
ExitProcess
EnumResourceNamesW
ReadFile
WriteFile
GetFileSize
InterlockedCompareExchange
FindResourceW
GetStringTypeA
GetCurrentProcess
LeaveCriticalSection
RtlUnwind
InterlockedExchange
TerminateProcess
HeapCreate
SetFilePointer
GetTickCount
SetHandleCount
HeapSize
GetOEMCP
GetTempPathW
MulDiv
GetModuleHandleW
UnmapViewOfFile
TlsSetValue
MultiByteToWideChar
LoadLibraryExW
LocalFree
GetCommandLineA
GetCommandLineW
GetLocaleInfoA
CreateSemaphoreW
GetDriveTypeW
lstrcmpiW
SetStdHandle
CopyFileW
MapViewOfFile
FlushInstructionCache
LockResource
WaitForSingleObject
GetCPInfo
LCMapStringW
GetThreadLocale
TlsAlloc
CreateFileMappingW
GetVersion
UnhandledExceptionFilter
QueryPerformanceCounter
WriteConsoleA
SetUnhandledExceptionFilter
GetCurrentProcessId
DeleteCriticalSection
GetStartupInfoW
GetStartupInfoA
HeapFree
GetConsoleCP
lstrlenW

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

user32

SetWindowTextW
GetWindowRect
SetDlgItemTextW
GetDC
GetDlgItemTextW
GetWindowTextLengthW
RegisterClassExW
BeginPaint
EndPaint
GetWindow
GetParent
GetClientRect
GetWindowInfo
SetCapture
DispatchMessageW
DestroyWindow
GetDlgItem
SetWindowPos
TranslateMessage
LoadCursorW
PeekMessageW
CreateWindowExW
MessageBoxW
MapWindowPoints
GetClassInfoExW
SystemParametersInfoW
EndDialog

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b16f2925486c4ba84cbe1d7d6d1aa435

Headers

File Characteristics

Imports

ole32

msvfw32

shell32

kernel32

gdi32

version

user32

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 68KB - Virtual size: 68KB

.idive Size: 1024B - Virtual size: 96KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 68KB - Virtual size: 68KB

.idive
Size: 1024B - Virtual size: 96KB