ff7ec4f6bebe432d5741e01effc7963b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff7ec4f6bebe432d5741e01effc7963b_JaffaCakes118
Size

503KB
MD5

ff7ec4f6bebe432d5741e01effc7963b
SHA1

a61f0573a7cc4cec9ccf45ed22459b6876fe441b
SHA256

2096506038036e5d95b8831bd3aaa221f237894803ef38acbf9e71e76d24abfb
SHA512

b30f407c28f4be66923fd43ad63ea5d376daa0b86634737d04c0c945f56d7cccd194affcc7a41ce4b51b2dbdeefba1f3433cab224f2333c1c302b861200dfa95
SSDEEP

12288:wXAVcDhm8OyGkNI0GApv15jrnxd3R53w8wh5:w7Dh3H1qpApd5jlD53wlP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff7ec4f6bebe432d5741e01effc7963b_JaffaCakes118

Files

ff7ec4f6bebe432d5741e01effc7963b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48ca346f71a53dc280c93049f6f296b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

CharLowerBuffA
DdeFreeStringHandle
CreateIconFromResourceEx
GetWindowContextHelpId
SetClassLongA
SetSystemCursor
RegisterClassA
CloseClipboard
UnhookWinEvent
GetNextDlgGroupItem
GetListBoxInfo
RegisterClassExA

kernel32

TlsSetValue
InterlockedExchange
CompareStringW
CreateMutexA
GetStringTypeW
GetShortPathNameA
GetVersion
SetStdHandle
GetStringTypeA
OpenSemaphoreA
CloseHandle
GetStdHandle
GetSystemTime
GetPrivateProfileIntW
TlsAlloc
GetModuleFileNameA
VirtualAlloc
FreeEnvironmentStringsW
VirtualFree
SetLastError
WriteConsoleInputW
SuspendThread
GetCurrentProcess
EnterCriticalSection
WaitForSingleObjectEx
FlushFileBuffers
GetSystemTimeAsFileTime
QueryPerformanceCounter
AddAtomA
HeapFree
GetEnvironmentStringsW
GetCalendarInfoA
CompareStringA
HeapReAlloc
GetCurrentThread
AllocConsole
GetSystemDefaultLCID
InitializeCriticalSection
GlobalGetAtomNameW
GetEnvironmentStrings
ExitProcess
GetModuleHandleA
InterlockedDecrement
GetCurrentThreadId
VirtualProtect
ConvertDefaultLocale
LCMapStringW
HeapAlloc
CreateEventW
LeaveCriticalSection
WriteFile
TlsGetValue
IsBadWritePtr
ExpandEnvironmentStringsA
TlsFree
MultiByteToWideChar
TerminateProcess
FlushInstructionCache
HeapDestroy
LCMapStringA
GetLocalTime
GetConsoleTitleW
GetStartupInfoW
GetProcAddress
GetCurrentProcessId
GetModuleFileNameW
WaitForMultipleObjectsEx
HeapCreate
GetCommandLineW
ReadConsoleOutputCharacterA
WideCharToMultiByte
GetStringTypeExA
GetTickCount
RtlUnwind
GetFileType
SetFileAttributesA
InterlockedIncrement
OpenMutexA
GetProfileSectionW
SetFilePointer
GetTimeZoneInformation
GetPrivateProfileSectionNamesW
ReadFile
VirtualQuery
UnhandledExceptionFilter
LoadLibraryA
GetLastError
FreeEnvironmentStringsA
SetEnvironmentVariableA
DeleteCriticalSection
GetStartupInfoA
SetHandleCount
GetCPInfo
GetCommandLineA

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 354KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48ca346f71a53dc280c93049f6f296b4

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 4KB - Virtual size: 34KB

.data Size: 354KB - Virtual size: 353KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 4KB - Virtual size: 34KB

.data
Size: 354KB - Virtual size: 353KB

.rsrc
Size: 12KB - Virtual size: 11KB