df9b664472d6e872c20ecb426f8d3213_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

df9b664472d6e872c20ecb426f8d3213_JaffaCakes118
Size

406KB
MD5

df9b664472d6e872c20ecb426f8d3213
SHA1

0c7c376cd8019460aeb85c108c7ffe8024c70b63
SHA256

e80378e0f18d811e70dbef59069e4af8a067c928c230e78960b62426d88ce4cc
SHA512

a5fa499658358f67a6d012604ab2f5f0e430fea414c9016b2cf6566889c8266a596430cec386eaaa6982a736ca206b05369ac6665525d8404d27e5b55d150e42
SSDEEP

12288:f08ES72Qe7D+nfseqD0vd2YuhQj4y20b73AMiel:fcS72Qe7D+nfseqD0nqQjl2y3AMi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df9b664472d6e872c20ecb426f8d3213_JaffaCakes118

Files

df9b664472d6e872c20ecb426f8d3213_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c75953d6fa181fa7ba7cb355b30beed5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
InitializeCriticalSection
HeapFree
GetVersion
AddAtomW
GetModuleFileNameA
GetCPInfo
VirtualAlloc
FreeEnvironmentStringsA
GetCommandLineA
LCMapStringW
SetConsoleCursorInfo
GetStartupInfoA
TerminateProcess
CreateMutexA
WideCharToMultiByte
GetEnvironmentStringsW
ExpandEnvironmentStringsW
LeaveCriticalSection
InterlockedExchange
GetEnvironmentStrings
FlushFileBuffers
CompareStringW
UnhandledExceptionFilter
CopyFileExA
QueryPerformanceCounter
GetFileType
HeapDestroy
GetCurrentThread
TlsAlloc
GetTimeZoneInformation
TlsSetValue
GetLastError
FreeEnvironmentStringsW
CreateDirectoryW
GetStartupInfoW
GetStdHandle
LCMapStringA
GetAtomNameA
SetLastError
GetCurrentProcess
ReadFile
InterlockedDecrement
GetProcAddress
SetEnvironmentVariableA
OpenMutexA
ExitProcess
HeapCreate
SetStdHandle
lstrlenA
SetHandleCount
GetCurrentThreadId
MultiByteToWideChar
GetSystemTimeAsFileTime
GetModuleHandleA
HeapReAlloc
EnumDateFormatsW
GetStringTypeA
VirtualQuery
RtlUnwind
LocalReAlloc
InterlockedIncrement
WritePrivateProfileStructW
LocalUnlock
CompareStringA
SetConsoleScreenBufferSize
DeleteCriticalSection
GetNumberFormatA
WriteFile
SetFilePointer
HeapAlloc
GetLocalTime
GetSystemTime
LoadLibraryA
GetStringTypeW
TlsFree
FindResourceW
VirtualFree
GetCommandLineW
WriteProfileStringA
GetPrivateProfileStructA
GetTickCount
GetCurrentProcessId
GetACP
IsBadWritePtr
CloseHandle
FileTimeToSystemTime
TlsGetValue
EnterCriticalSection
GetNamedPipeHandleStateW

user32

DrawMenuBar
GetClassInfoExA
EnumDisplaySettingsW
PeekMessageA
GetWindowDC
GetWindowLongA
CharLowerW
RegisterClassExA
InSendMessageEx
GetClassLongW
wvsprintfW
SetForegroundWindow
DestroyMenu
OemToCharBuffA
RegisterClassA
DdeImpersonateClient

comctl32

InitCommonControlsEx

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c75953d6fa181fa7ba7cb355b30beed5

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 4KB - Virtual size: 28KB

.data Size: 208KB - Virtual size: 208KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 4KB - Virtual size: 28KB

.data
Size: 208KB - Virtual size: 208KB

.rsrc
Size: 2KB - Virtual size: 1KB