e062a1a7b420ed428ee0c0fc3adbf942_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e062a1a7b420ed428ee0c0fc3adbf942_JaffaCakes118
Size

525KB
MD5

e062a1a7b420ed428ee0c0fc3adbf942
SHA1

7cec19fa3cf76e790245a03d80858fef7c3f2f88
SHA256

8856ccdacc9c296e4c3f59c06e522bf0b33bdd056648a1599a5f4e9a3eb869c0
SHA512

176da43c1aee60b76903844cf9a9fa5056bc5a90c13ded53febf09b3e1be65135bd78d0c9516e371683362a05ce584c7af752d6496f5a54ef00082defa225aca
SSDEEP

12288:6pLw3ItF7YWvn+hwvJF6XH608ixOmlYTp/Q:13ItF7rP+hwvJo369ix7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e062a1a7b420ed428ee0c0fc3adbf942_JaffaCakes118

Files

e062a1a7b420ed428ee0c0fc3adbf942_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88d13751394ee6275be38fc85a7908d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetMenuItemBitmaps
SetScrollPos
RegisterClassExA
GetMenuCheckMarkDimensions
KillTimer
MoveWindow
SendMessageTimeoutA
FindWindowW
ReleaseDC
RegisterClassA
DlgDirSelectComboBoxExW
GetProcessDefaultLayout
GetMenuDefaultItem
DdeConnect
EnableScrollBar

kernel32

SetEnvironmentVariableA
CreateFileA
FreeEnvironmentStringsA
GetTickCount
CreateMutexA
WriteConsoleA
VirtualQuery
TlsFree
InitializeCriticalSection
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetProcAddress
ReadFile
LeaveCriticalSection
WideCharToMultiByte
GetModuleFileNameA
GetTimeFormatA
VirtualFree
GetStringTypeA
LCMapStringW
CloseHandle
OpenMutexA
GetStartupInfoW
FreeEnvironmentStringsW
HeapSize
SetThreadPriority
EnterCriticalSection
GetCommandLineW
GetCurrentThreadId
LCMapStringA
TlsGetValue
LoadLibraryA
GetEnvironmentStrings
MultiByteToWideChar
GetStdHandle
GetFileType
GetStringTypeW
VirtualAlloc
InterlockedDecrement
DeleteCriticalSection
SetHandleCount
GetSystemTimeAsFileTime
GetCPInfo
InterlockedIncrement
GetModuleHandleA
SetConsoleCtrlHandler
GetCurrentProcessId
GetVersionExA
QueryPerformanceCounter
ExitProcess
SetStdHandle
GetModuleFileNameW
WriteFile
GetStartupInfoA
RtlUnwind
TlsAlloc
HeapFree
HeapCreate
TerminateProcess
GetCurrentThread
GetProcessAffinityMask
CompareStringA
HeapAlloc
GetConsoleOutputCP
EnumSystemLocalesA
IsValidLocale
GetConsoleMode
UnhandledExceptionFilter
InterlockedExchange
GetEnvironmentStringsW
Sleep
SetLastError
WriteConsoleW
SetFilePointer
GlobalFindAtomW
GetOEMCP
FlushFileBuffers
GetCurrentProcess
GetCommandLineA
CompareStringW
GetConsoleCP
GetDateFormatA
IsDebuggerPresent
HeapDestroy
GetLocaleInfoW
GetUserDefaultLCID
HeapReAlloc
GetProcessHeap
GetLastError
GetACP
GetLocaleInfoA
FreeLibrary
IsValidCodePage
TlsSetValue

comctl32

InitCommonControlsEx

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88d13751394ee6275be38fc85a7908d2

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 9KB - Virtual size: 25KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 9KB - Virtual size: 25KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 8KB - Virtual size: 7KB