d58859e17b49ef7f0d279126436b92cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d58859e17b49ef7f0d279126436b92cf_JaffaCakes118
Size

546KB
MD5

d58859e17b49ef7f0d279126436b92cf
SHA1

ef7c3909f0bd42b134d04f710462cca8acaea007
SHA256

21c61908e24adf0e89d0f561a6980e505d80ca09ed4db82184c34694156f8585
SHA512

1c91d95915177e30d14e97ee3a1ecbe8420f778084c3b803ccb3a2bbbaf99d93daefdd22fefc5b90c8db59596a0afc53ad1a5588cb91470da00d32662140539a
SSDEEP

12288:psvggqDM9HXJfJUDVjmdmR6+LekNOLlN+5jd2xi:psvggqDMpXJfJcZmsRhHNEN+Si

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d58859e17b49ef7f0d279126436b92cf_JaffaCakes118

Files

d58859e17b49ef7f0d279126436b92cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c561a1389439172ca0c28f4b732a8f5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

InterlockedDecrement
LeaveCriticalSection
CreateFileA
CreateMutexA
GetConsoleMode
GetCurrentThread
GetDateFormatA
SetConsoleCursorInfo
WriteConsoleW
QueryPerformanceCounter
GetPrivateProfileSectionA
SetConsoleCtrlHandler
GetCommandLineA
GetFileType
DuplicateHandle
RtlUnwind
GetCurrencyFormatA
GetOEMCP
SetFilePointer
HeapSize
DeleteCriticalSection
GetCurrentThreadId
GetModuleHandleW
FindFirstFileExW
LoadLibraryA
GetTickCount
WideCharToMultiByte
OutputDebugStringW
HeapCreate
RtlFillMemory
GetConsoleOutputCP
GetEnvironmentStrings
IsBadWritePtr
MultiByteToWideChar
OpenMutexA
Sleep
GetTimeZoneInformation
WriteConsoleA
VirtualQuery
CompareStringW
EnterCriticalSection
GetPrivateProfileStructA
GetCurrentDirectoryW
EnumResourceLanguagesA
GetCurrentProcessId
GetStringTypeW
CloseHandle
HeapDestroy
GetStdHandle
GetStringTypeA
ExitProcess
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
GetTimeFormatA
TlsSetValue
GetModuleFileNameA
GetLocaleInfoA
IsDebuggerPresent
InterlockedIncrement
ReadConsoleW
GetACP
GetEnvironmentStringsW
FlushFileBuffers
SetEnvironmentVariableA
IsValidLocale
TlsGetValue
HeapAlloc
FreeEnvironmentStringsW
TlsFree
GetCPInfo
FindNextFileW
lstrlenA
GetConsoleCP
FindResourceA
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GlobalUnlock
SetHandleCount
HeapReAlloc
GetUserDefaultLCID
IsValidCodePage
GetProcAddress
FreeLibrary
HeapFree
GetLastError
VirtualFree
LCMapStringA
TlsAlloc
TerminateProcess
InterlockedExchange
CompareStringA
WriteFile
ReadFile
LCMapStringW
GetDriveTypeA
GetCurrentProcess
GetStartupInfoA
InitializeCriticalSectionAndSpinCount
SetLastError
OpenSemaphoreA
SetStdHandle
VirtualAlloc
EnumSystemLocalesA

user32

SendMessageTimeoutA
EnumDisplayDevicesW
RegisterDeviceNotificationW
EnumPropsExW
CreateDesktopA
RegisterClassA
CreateWindowStationW
SetMenuContextHelpId
DrawFrameControl
DdeQueryStringA
GetMessageTime
DdeQueryConvInfo
SetLastErrorEx
EnumDisplaySettingsW
DefMDIChildProcW
CloseWindow
ActivateKeyboardLayout
PostMessageW
InSendMessageEx
GetMonitorInfoA
RegisterClassExA
SetScrollPos
DlgDirSelectExW

shell32

SHGetDataFromIDListW

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c561a1389439172ca0c28f4b732a8f5b

Headers

File Characteristics

Imports

comctl32

kernel32

user32

shell32

Sections

.text Size: 207KB - Virtual size: 207KB

.rdata Size: 10KB - Virtual size: 18KB

.data Size: 315KB - Virtual size: 315KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 207KB - Virtual size: 207KB

.rdata
Size: 10KB - Virtual size: 18KB

.data
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 12KB - Virtual size: 11KB