f658b52983eb2f65ccee80a69319fcd7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f658b52983eb2f65ccee80a69319fcd7_JaffaCakes118
Size

552KB
MD5

f658b52983eb2f65ccee80a69319fcd7
SHA1

0139d3a2274a5e17fbf5664b5697bb198d10130e
SHA256

eed2a8adbb3ea0b31529d58b7b5257185f061442204b8eaa007f7a71462add05
SHA512

c7a3b80d611ab3688fa4d65291fc0a23a0f48c8f739a06957fb101f62e5c87315b19200507b5199bbf8154a26e46e97c98090974ec909fc656f962038923bef5
SSDEEP

12288:+IaWQImf7zQJ7R1QLkjXl0ty4hnMSuVHYFND:+NJfoR1Q6X+ty4iSuV4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f658b52983eb2f65ccee80a69319fcd7_JaffaCakes118

Files

f658b52983eb2f65ccee80a69319fcd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1dc18c0f26be2630427d35b35fff5f51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
CompareStringW
HeapDestroy
GetEnvironmentStrings
LoadLibraryA
GetCurrentProcessId
GetModuleFileNameA
MultiByteToWideChar
GetCurrentThreadId
GetVersion
GetACP
DeleteCriticalSection
GetLongPathNameW
GetCommandLineA
GetStringTypeA
EnumTimeFormatsW
HeapCreate
GetCurrentDirectoryA
GetOEMCP
HeapFree
GetPrivateProfileStructA
FindResourceA
WideCharToMultiByte
HeapAlloc
FlushFileBuffers
QueryPerformanceCounter
EnterCriticalSection
GetFileType
InterlockedExchange
RtlUnwind
GetPrivateProfileIntA
CreateMutexA
GetSystemTimeAsFileTime
CreateSemaphoreW
lstrlen
GetLastError
GetEnvironmentStringsW
SetHandleCount
SetStdHandle
TlsGetValue
UnhandledExceptionFilter
GetFullPathNameW
GetTimeZoneInformation
GetCurrentThread
SetEnvironmentVariableA
GetDateFormatA
VirtualAlloc
FreeEnvironmentStringsA
GetProcAddress
GetCPInfo
WriteFile
GetLocalTime
SetThreadPriority
FreeEnvironmentStringsW
TlsAlloc
GetStartupInfoA
ReadFile
LeaveCriticalSection
VirtualFree
TlsSetValue
InterlockedIncrement
HeapReAlloc
SetLastError
ReadFileEx
LCMapStringW
LCMapStringA
lstrcatA
GetModuleHandleA
ExitProcess
VirtualQuery
CompareStringA
GetCurrentProcess
lstrcmpA
GetStdHandle
WaitForSingleObject
SetFilePointer
TerminateProcess
GetUserDefaultLCID
CopyFileA
GetSystemTime
CloseHandle
IsBadWritePtr
GetTickCount
InitializeCriticalSection
GetStringTypeW
TlsFree
InterlockedDecrement

user32

DestroyWindow
RegisterClassExA
CreateCursor
ArrangeIconicWindows
RegisterClassA
GetClipboardData
SetScrollRange
BlockInput
ScrollWindowEx
EnumDisplaySettingsA
CreateWindowExW
ReuseDDElParam
ShowWindow
SwitchDesktop
DefWindowProcA
CreateWindowStationW
GetListBoxInfo
MessageBoxW
TrackMouseEvent
DdeConnectList
AppendMenuW
GetCapture
SetDeskWallpaper

comctl32

ImageList_SetFilter
InitCommonControlsEx

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dc18c0f26be2630427d35b35fff5f51

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 148KB - Virtual size: 144KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 108KB - Virtual size: 134KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 148KB - Virtual size: 144KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 108KB - Virtual size: 134KB

.rsrc
Size: 36KB - Virtual size: 32KB