dfacf555a43d7231adebb06310674116_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dfacf555a43d7231adebb06310674116_JaffaCakes118
Size

201KB
MD5

dfacf555a43d7231adebb06310674116
SHA1

906bd9581c48dc51b9ecc43e91d14a41e4853b95
SHA256

0edac7c9e0fac6f9cafbd6be4f77d70646cdb00f2cfc3c6470509c4eeb3f697e
SHA512

319e63389a9b06ec3ac9f3496c4c5f221e31b807cfa9e7749b1794c32fae828446040c4762bcb39615498d36b49d09d01d192f11a4628ba8327dc4d760da3281
SSDEEP

3072:BtapsmVNMnDN7v5n+sNHU4mOTlVnCe5ctsoYGpn5mEnhuqYwsEulBf3rh693aA:Ew579++2OTz/5djEhuTJfrh6937

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfacf555a43d7231adebb06310674116_JaffaCakes118

Files

dfacf555a43d7231adebb06310674116_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e67a51f37d98142e9577ffe8a4af52a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetLastError
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
IsDBCSLeadByte
CreateProcessA
DeleteFileA
Sleep
CreateEventA
OpenEventA
FreeLibrary
SizeofResource
LoadResource
TerminateProcess
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
FlushFileBuffers
GetExitCodeProcess
CloseHandle
OutputDebugStringA
CreateDirectoryA
SetFileAttributesA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
SetEndOfFile
GetStringTypeW
FindResourceA
RaiseException
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetProcAddress
GetSystemInfo
VirtualQuery
HeapReAlloc
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
GetCommandLineA
GetProcessHeap
GetStartupInfoA
GetCPInfo
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
CreateFileA
HeapDestroy
HeapCreate
VirtualFree
ExitProcess
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

CharNextA
DestroyWindow
MessageBoxA
UnregisterClassA
DefWindowProcA

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

ole32

CoTaskMemRealloc
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e67a51f37d98142e9577ffe8a4af52a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

psapi

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 92KB - Virtual size: 92KB