df7b3a9d90476e97076f38e84e63d0aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df7b3a9d90476e97076f38e84e63d0aa_JaffaCakes118
Size

442KB
MD5

df7b3a9d90476e97076f38e84e63d0aa
SHA1

50c87ce3ae580a7771032e3f04b86a76b8a8c6c4
SHA256

198a47bc2f70cf1da13285eeed9b232fde7dc456777bc644582b1cb40fac1684
SHA512

7c9f64a76b996352e24946ff00788f6aabf755f091608e1f8a533cfff46c730eb0e3c07d598ebf6e21d64965a8410d664c7d1306c4e9635603cc5b3de88ade0d
SSDEEP

12288:+5SIni3S/kSjM5Qsdk3kd1puO36LYiiwFoIT48eYPVq9vdewkeEBQLUxBy:EbaQsdxbKLR8dQVmUxBy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df7b3a9d90476e97076f38e84e63d0aa_JaffaCakes118

Files

df7b3a9d90476e97076f38e84e63d0aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1721efb94fb9fd964b4ccd2d241632ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSettings
ShellExecuteA
DragAcceptFiles
SHAppBarMessage
DoEnvironmentSubstA

kernel32

LoadLibraryA
TlsFree
GetStdHandle
HeapReAlloc
GetVersion
lstrcat
TerminateProcess
TlsGetValue
TlsAlloc
lstrcmpA
SetConsoleWindowInfo
TlsSetValue
GetTickCount
GetCommandLineW
SetHandleCount
UnhandledExceptionFilter
InterlockedExchange
EnumCalendarInfoExA
VirtualAlloc
DeleteCriticalSection
WriteProfileSectionW
SetLastError
GetCommandLineA
InitializeCriticalSection
ExitProcess
MultiByteToWideChar
GetProcAddress
GetCompressedFileSizeW
QueryPerformanceCounter
GetCurrentProcess
SetPriorityClass
GetCurrentThreadId
FreeEnvironmentStringsA
GetEnvironmentStringsW
OpenWaitableTimerW
SetCurrentDirectoryW
GetLastError
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetModuleHandleA
HeapCreate
IsBadWritePtr
LocalLock
HeapFree
RtlUnwind
lstrcatA
GetModuleFileNameW
GetThreadPriorityBoost
GetModuleFileNameA
GetCurrentThread
UnmapViewOfFile
HeapAlloc
GetEnvironmentStrings
HeapDestroy
GetFileType
EnterCriticalSection
LocalFlags
LeaveCriticalSection
GetProfileSectionW
VirtualQuery
GetStartupInfoW
VirtualFree
GetCurrentProcessId
WriteFile
GetStartupInfoA

user32

LoadMenuIndirectA
CallWindowProcA
SetDlgItemTextA
GetCapture
InternalGetWindowText
BroadcastSystemMessageW
GetMenu
IsCharUpperW
SetRect
GetClassLongW
AppendMenuW
GetClassNameW
SetWindowsHookA
CreateCursor

comdlg32

ChooseFontA
PageSetupDlgA
PrintDlgA

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1721efb94fb9fd964b4ccd2d241632ab

Headers

File Characteristics

Imports

shell32

kernel32

user32

comdlg32

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 3KB - Virtual size: 16KB

.data Size: 278KB - Virtual size: 278KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 3KB - Virtual size: 16KB

.data
Size: 278KB - Virtual size: 278KB

.rsrc
Size: 8KB - Virtual size: 7KB