f9a2b424de96636be59b27531420b1d9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9a2b424de96636be59b27531420b1d9_JaffaCakes118
Size

493KB
MD5

f9a2b424de96636be59b27531420b1d9
SHA1

1082c391ab285841cf6a96e3f35cd20efade8fc7
SHA256

46d14672983458e86c166ba0954f780f90990e1348b216c651ed1ae52a565d9e
SHA512

8a35effb4eaee090318e8cce13dd405a26f48bff8b30803f560253dcfa517098631bab164276b2c44cdb645b7a145e71424c549c934b8f5eddafbd9bfddf9b70
SSDEEP

6144:C8HvW1tqnszfbjA8AAYa/1Owa+udFkBw9JVCHiZIhyphANDnF0R9BiANuDkr2sa8:9PacUfnZAd8k+udOBFqIVDixNNys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a2b424de96636be59b27531420b1d9_JaffaCakes118

Files

f9a2b424de96636be59b27531420b1d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b59b5c620be81232d4b69b9c6cbd5a38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateColorSpaceW
GetDeviceCaps
SetTextColor

user32

LoadAcceleratorsA
EnableWindow
DlgDirSelectComboBoxExA
CreateCursor
GetThreadDesktop
GetClassWord
DrawStateA
UnhookWinEvent
RegisterClassExA
RegisterClassA
ChangeMenuW

kernel32

GetModuleFileNameA
RtlUnwind
FlushFileBuffers
HeapFree
EnumTimeFormatsW
TerminateProcess
HeapAlloc
GetLocaleInfoW
GetStringTypeA
GetSystemInfo
HeapDestroy
OpenMutexA
GetSystemTime
GetCommandLineW
OpenFileMappingW
CloseHandle
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentThread
ExitProcess
GetCurrentProcess
GetConsoleScreenBufferInfo
TlsAlloc
GetModuleHandleA
LocalFree
lstrcpyA
IsBadWritePtr
GetModuleFileNameW
LCMapStringW
GetStartupInfoA
VirtualProtect
IsValidCodePage
UnhandledExceptionFilter
HeapCreate
SetHandleCount
OutputDebugStringW
WideCharToMultiByte
CompareStringW
LeaveCriticalSection
LoadLibraryA
GetVersionExA
GetTimeFormatA
TlsFree
TlsGetValue
WriteFile
HeapSize
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
EnterCriticalSection
GetStartupInfoW
GetLastError
VirtualAlloc
GetStdHandle
CreateMutexA
ReadFile
IsValidLocale
SetStdHandle
GetProcAddress
HeapReAlloc
GetProcessShutdownParameters
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
VirtualFree
InitializeCriticalSection
GetOEMCP
SetEnvironmentVariableA
MultiByteToWideChar
GetCurrentProcessId
EnumSystemLocalesA
SetConsoleWindowInfo
SetFilePointer
GetStringTypeW
FreeEnvironmentStringsA
VirtualQuery
GetACP
GetVolumeInformationW
InterlockedExchange
WriteConsoleOutputCharacterW
GetLocaleInfoA
TlsSetValue
GetUserDefaultLCID
GetUserDefaultLangID
GlobalSize
GetTimeZoneInformation
GetCurrencyFormatW
VirtualAllocEx
DeleteCriticalSection
GetDateFormatA
CompareStringA
GetFileType
AddAtomW
GetTickCount
SetLastError
GetCPInfo
CreateEventW
HeapValidate

comctl32

InitCommonControlsEx

comdlg32

FindTextA

shell32

ExtractIconA
SHFileOperation
ExtractIconEx
SHGetPathFromIDListW

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b59b5c620be81232d4b69b9c6cbd5a38

Headers

File Characteristics

Imports

gdi32

user32

kernel32

comctl32

comdlg32

shell32

Sections

.text Size: 165KB - Virtual size: 164KB

.rdata Size: 8KB - Virtual size: 31KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 165KB - Virtual size: 164KB

.rdata
Size: 8KB - Virtual size: 31KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 7KB - Virtual size: 6KB