db98a50a86d345bd1ca77d804c8e7fe5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db98a50a86d345bd1ca77d804c8e7fe5_JaffaCakes118
Size

469KB
MD5

db98a50a86d345bd1ca77d804c8e7fe5
SHA1

5a0ceb92b55dec25336275e8b69a204d40ded4e6
SHA256

f9643df9c9f7a76ab10506a3ea7c341ff999d743667b0ae7f5e1fc7d27f28912
SHA512

26ac46004814bb196ab2dbd641936bd8f7a05d47df7c5f0a19133fda68cf3a85f2a50f2e35c25e7d4b37fc1151b92a092fe894d950a8efe47b9507c6e2082207
SSDEEP

12288:XZJF2MykoO1na3YW8m22pA+jk/NT6Shy6zc:Qk11naIPm7e90

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db98a50a86d345bd1ca77d804c8e7fe5_JaffaCakes118

Files

db98a50a86d345bd1ca77d804c8e7fe5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f20db6e4059332117ae609379fae1414

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

HeapAlloc
CreateMutexA
GlobalFlags
CreateFileA
VirtualProtect
GetModuleFileNameW
GetDiskFreeSpaceExA
SetEnvironmentVariableA
LeaveCriticalSection
lstrcpynW
FindFirstFileExW
ReadFile
SetHandleCount
LoadLibraryA
GetSystemInfo
GetModuleHandleA
WideCharToMultiByte
FindClose
GetProcAddress
DeleteFileW
GetLocaleInfoW
GetVersionExA
SetConsoleScreenBufferSize
OpenWaitableTimerW
TlsAlloc
GetCPInfo
IsBadWritePtr
FreeEnvironmentStringsW
WriteFile
HeapSize
IsValidCodePage
VirtualQuery
GetUserDefaultLCID
CompareStringW
GetTimeFormatA
GetStringTypeW
HeapFree
UnhandledExceptionFilter
GetCurrentProcess
GetEnvironmentStringsW
GetStartupInfoW
GetTickCount
GetVolumeInformationW
GetStringTypeA
SetConsoleCursorPosition
GetCurrentThreadId
ExitProcess
TlsFree
FlushFileBuffers
GetCurrentProcessId
GetFileType
GetACP
GetCurrentThread
ReadConsoleOutputCharacterA
CloseHandle
IsValidLocale
SetStdHandle
GetOEMCP
FindAtomA
InterlockedExchange
GetEnvironmentStrings
TerminateProcess
EnterCriticalSection
GetLocaleInfoA
HeapCreate
RtlUnwind
QueryPerformanceCounter
GetTimeZoneInformation
GetStdHandle
EnumSystemLocalesA
GetCommandLineA
GetStartupInfoA
VirtualFree
HeapDestroy
HeapReAlloc
GetModuleFileNameA
MultiByteToWideChar
TlsSetValue
LCMapStringW
GetFileSize
FreeEnvironmentStringsA
OpenMutexA
SetCurrentDirectoryA
SetLocaleInfoW
DeleteCriticalSection
SetLastError
GetCommandLineW
GetSystemTimeAsFileTime
SetFilePointer
LCMapStringA
InitializeCriticalSection
VirtualAlloc
GetLastError
TlsGetValue
CompareStringA
GetDateFormatA

user32

InsertMenuItemA
GetOpenClipboardWindow
GetPropW
UnionRect
IsMenu
CallNextHookEx
RegisterClassExA
TranslateAcceleratorA
SetClipboardViewer
DestroyCursor
RegisterClassA

gdi32

OffsetViewportOrgEx
CreateRectRgnIndirect
SetPolyFillMode

comdlg32

GetOpenFileNameW
PrintDlgW

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f20db6e4059332117ae609379fae1414

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 8KB - Virtual size: 28KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 8KB - Virtual size: 28KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 3KB - Virtual size: 3KB