dbd8a3881e1096bb1d16180be4122daf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dbd8a3881e1096bb1d16180be4122daf_JaffaCakes118
Size

615KB
MD5

dbd8a3881e1096bb1d16180be4122daf
SHA1

5b5e4912787bc449445713d397e000dd4226dcab
SHA256

a399bb0a296c4f668c08d70c8b4db2d50638e7e7846921655af06b40965a2c3e
SHA512

6d81abd714184f7bddb220d4e0d698944f118d4f6e1141d0c6aeaea1aa7bef1b912d0bb08a8b891df8c82398bd486ee2c8ec56d5cb4aa176eae760a72ee34dfc
SSDEEP

12288:tBD2dO3BlnjHgiVXr7Q7EED9q2me3GUnbVjelvfG9s2dOlLqx+Ffq1xnth:agtVXOEBe3G6VGszWLq28xnth

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbd8a3881e1096bb1d16180be4122daf_JaffaCakes118

Files

dbd8a3881e1096bb1d16180be4122daf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e509f984a079da12be364c202f27dc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

HeapFree
GetUserDefaultLCID
GetSystemInfo
LoadLibraryA
RtlUnwind
QueryPerformanceCounter
ReadConsoleW
GetDiskFreeSpaceExW
GetProcAddress
FreeEnvironmentStringsW
GetVersionExA
GetCurrentThreadId
FreeEnvironmentStringsA
GetFileType
CreateMutexA
GetDateFormatA
GetAtomNameW
HeapDestroy
GetModuleHandleA
InterlockedExchange
GetCurrentThread
SetStdHandle
InitializeCriticalSection
GetTickCount
TerminateProcess
LCMapStringA
GetLastError
EnterCriticalSection
HeapAlloc
WideCharToMultiByte
SetHandleCount
FlushFileBuffers
SetLastError
GetOEMCP
ReadFile
GetLocaleInfoW
GetStdHandle
CompareStringA
HeapReAlloc
IsValidCodePage
GetTimeZoneInformation
GetCommandLineA
CompareStringW
IsValidLocale
CloseHandle
LeaveCriticalSection
VirtualQuery
GetStringTypeA
GetEnvironmentStrings
UnhandledExceptionFilter
GetLocaleInfoA
MultiByteToWideChar
GetStringTypeW
GetModuleFileNameA
IsBadWritePtr
ExitProcess
GetSystemTimeAsFileTime
GetACP
TlsSetValue
DeleteCriticalSection
GetCurrentProcessId
GetCurrentProcess
OpenMutexA
GetEnvironmentStringsW
VirtualAlloc
HeapCreate
GetCPInfo
TlsAlloc
LCMapStringW
EnumSystemLocalesA
SetFilePointer
TlsFree
GetStartupInfoA
VirtualProtect
SetEnvironmentVariableA
TlsGetValue
VirtualFree
WriteFile
GetTimeFormatA
HeapSize

user32

GetClassLongA
CharNextA
MessageBoxW
UnregisterClassW
LoadMenuA
SetCapture
DdeImpersonateClient
GetCapture
DeferWindowPos
CopyAcceleratorTableW
GetMenuItemID
LookupIconIdFromDirectoryEx
OemToCharA
GetShellWindow
RegisterClassExA
MapDialogRect
RegisterClassA

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e509f984a079da12be364c202f27dc5

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 7KB - Virtual size: 34KB

.data Size: 317KB - Virtual size: 317KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 7KB - Virtual size: 34KB

.data
Size: 317KB - Virtual size: 317KB

.rsrc
Size: 9KB - Virtual size: 9KB