f646a37735c5d61ab803a1c911e756db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f646a37735c5d61ab803a1c911e756db_JaffaCakes118
Size

284KB
MD5

f646a37735c5d61ab803a1c911e756db
SHA1

e322040b79e54126185ad4b9c516001a476c9aba
SHA256

687b76d0386fb3ff4ecece8c3eacd3f564ed6e18c838bd61bac7e39cafccb85b
SHA512

2352e567d43a3fec865d7ae7ed106ad60eb550ebe82d7a3acdbc3ff07c953bd8fb4b792643043adb79689aa8150e570fc83de08a5206bc7a0bda85d51d03d554
SSDEEP

6144:dHQUl8WCcODPNm8kxEU2rjAIna3CGZLTOELgLEbw:NQUclrkCUvYa3JtgL6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f646a37735c5d61ab803a1c911e756db_JaffaCakes118

Files

f646a37735c5d61ab803a1c911e756db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22cc818fbe8d36287c7fe213a79d5285

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
TlsFree
GetStartupInfoW
GetCurrentProcessId
TransactNamedPipe
VirtualFree
QueryPerformanceCounter
WriteProfileSectionA
GetModuleHandleA
TlsSetValue
GetCommandLineA
OpenMutexA
FreeEnvironmentStringsW
GetAtomNameW
SetHandleCount
WideCharToMultiByte
CompareFileTime
GetEnvironmentStringsW
CompareStringA
GetCurrentThread
WaitCommEvent
LocalFlags
InterlockedIncrement
LoadLibraryA
GetStartupInfoA
IsBadWritePtr
GetFileType
InterlockedExchange
GetTickCount
InterlockedDecrement
SetLastError
GetCPInfo
GetCurrentThreadId
GetMailslotInfo
LeaveCriticalSection
ReadConsoleOutputW
GetTimeZoneInformation
GetLocalTime
ReadFile
GetLastError
GetProcAddress
VirtualQuery
GetVersion
SetEnvironmentVariableA
GetStdHandle
UnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsGetValue
LCMapStringW
GetPrivateProfileIntW
CloseHandle
GetCommandLineW
HeapCreate
ExitProcess
VirtualAlloc
GetCurrentProcess
HeapFree
GetStringTypeW
GetStringTypeA
CreateMutexA
FreeEnvironmentStringsA
WriteFile
CompareStringW
MultiByteToWideChar
TerminateProcess
LCMapStringA
EnumSystemCodePagesW
RtlUnwind
HeapAlloc
SetFilePointer
GetModuleFileNameW
TlsAlloc
SetStdHandle
FlushFileBuffers
InitializeCriticalSection
EnterCriticalSection
HeapDestroy
WaitForSingleObject
HeapReAlloc
GetModuleFileNameA
GetSystemTime
GetEnvironmentStrings

shell32

DragQueryPoint
SHFileOperation
SHGetDataFromIDListA
SHQueryRecycleBinW
SHBrowseForFolder

gdi32

GetCharABCWidthsFloatA
CombineRgn
GetMiterLimit
CreateDCW
GetGlyphOutlineA
GetEnhMetaFilePaletteEntries
PolyPolyline
GetDeviceCaps
LineDDA
CreateBitmap
CopyMetaFileA
GetKerningPairsA
StretchDIBits
DeleteDC
GetNearestColor
SelectObject
CopyEnhMetaFileA
GetPath
GetMetaRgn
SetSystemPaletteUse
CreateScalableFontResourceA
AnimatePalette
UpdateICMRegKeyA
CreateEnhMetaFileA
GetObjectW

comctl32

InitCommonControlsEx

user32

SetWindowTextW
SetParent
CreateWindowExW
IsZoomed
CascadeWindows
PaintDesktop
OpenWindowStationW
OpenIcon
GetClassInfoExW
IsRectEmpty
CallNextHookEx
IsCharAlphaNumericA
RegisterClassExA
GetClipboardData
GetTitleBarInfo
LoadMenuIndirectW
DdeKeepStringHandle
RegisterClassA
GetClassInfoA
ReplyMessage
ShowScrollBar
ShowWindow
MessageBoxA

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22cc818fbe8d36287c7fe213a79d5285

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

comctl32

user32

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 22KB - Virtual size: 39KB

.data Size: 86KB - Virtual size: 86KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 22KB - Virtual size: 39KB

.data
Size: 86KB - Virtual size: 86KB

.rsrc
Size: 17KB - Virtual size: 17KB