df1e767f8087bc37f3ee5405b865ace2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df1e767f8087bc37f3ee5405b865ace2_JaffaCakes118
Size

316KB
MD5

df1e767f8087bc37f3ee5405b865ace2
SHA1

4f23065941d93c067ce1b873eb0181d65997d54e
SHA256

6d5a565274e42784972bad606a98d1b52cc54356f67372ef667c099d41323e64
SHA512

849a81499fbe730630a35fd9bde58ab00610324c3d589900d848a06416d92dae2cceb59141aec8167159b421753b19860cd92ed5b2dc1264097337ca701d7815
SSDEEP

6144:VZHP7Cws06O5SfNWlGlcpQF+fnzlDFp2fSJXcH+yTjLTz49t:VJP78RAcqpQF+fnzjQ6mQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df1e767f8087bc37f3ee5405b865ace2_JaffaCakes118

Files

df1e767f8087bc37f3ee5405b865ace2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

024e7d838196a3288f3b9ae6b560feda

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

PeekMessageA
GetSysColor
WindowFromPoint
GetFocus
SetActiveWindow
PeekMessageW
MapWindowPoints
DestroyWindow
IsChild

gdi32

DeleteObject
CreatePen
StretchDIBits

kernel32

GetCommandLineA
GetFileType
GetOEMCP
GetCurrentThreadId
TerminateThread
SetLastError
WideCharToMultiByte
GetConsoleCP
HeapAlloc
InterlockedIncrement
CloseHandle
GetStartupInfoA
GetACP
SetEvent
InitializeCriticalSection
LoadLibraryW
TlsFree
SetStdHandle
OutputDebugStringA
GlobalFree
RaiseException
GetFileAttributesW
HeapFree
SetConsoleCtrlHandler
GetCurrentProcess
TerminateProcess
SetConsoleCP
VirtualFree
ResumeThread
ExitProcess
InterlockedExchange
VirtualAlloc
GetEnvironmentVariableW
LeaveCriticalSection
IsDebuggerPresent
VirtualProtect
GetCurrentDirectoryA
FindClose
GetProcessHeap
SetHandleCount
HeapSize
GetFileSizeEx
GetModuleHandleA

advapi32

RegQueryValueExW
RegCreateKeyExW

msvcrt

_initterm
calloc
_errno
malloc
__p__commode
_onexit

ole32

CoTaskMemFree

lz32

LZDone

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 174KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

024e7d838196a3288f3b9ae6b560feda

Headers

File Characteristics

Imports

user32

gdi32

kernel32

advapi32

msvcrt

ole32

lz32

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 174KB - Virtual size: 184KB

.data Size: 512B - Virtual size: 494KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 156B

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 174KB - Virtual size: 184KB

.data
Size: 512B - Virtual size: 494KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 156B