ff4dbc8a7fe42d4c213723a4002aff3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff4dbc8a7fe42d4c213723a4002aff3f_JaffaCakes118
Size

712KB
MD5

ff4dbc8a7fe42d4c213723a4002aff3f
SHA1

d9a7ec6f3e74ca399c82d71c466dfb062c5449fe
SHA256

3e3dddd12a1f4260d521b2f333a97883d2ebf521f0b02fdaf0c94e054a3a908a
SHA512

75673fe38c83e0ef88e0aa13706af152a4c56dbbd9790f2f4ad09e37ef9cb0a7b60dc45d6f01d2bdc874672ee43a825931c0ec0a3b7580ddcc631f0496cfe17e
SSDEEP

12288:O+CLULmqjDqNO5BsSWu0CPChvv1U8MQ9UUTF0bGq6oZHJQ23bkPrOeaiK4:O+SMmqjDqNOLsSF0CPChvv1bB9LTFPoW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff4dbc8a7fe42d4c213723a4002aff3f_JaffaCakes118

Files

ff4dbc8a7fe42d4c213723a4002aff3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

553c8cee00fa6a14c0724b06074ea8a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
HeapReAlloc
CreateMutexA
VirtualAlloc
GetSystemTime
LCMapStringW
GetLocaleInfoA
GetLastError
GetStartupInfoA
IsValidLocale
SetConsoleCtrlHandler
GetACP
TlsAlloc
GetUserDefaultLCID
FindFirstFileExA
CreateFileW
HeapFree
HeapAlloc
VirtualQuery
HeapCreate
GetSystemTimeAsFileTime
LeaveCriticalSection
ReadConsoleA
ReadFile
GetDateFormatA
GetTimeFormatA
GetProcAddress
GetTickCount
GetEnvironmentStrings
GlobalSize
OpenMutexA
MultiByteToWideChar
GetStdHandle
GetCPInfo
SetFilePointer
GetProcessHeaps
GetLogicalDriveStringsA
OutputDebugStringA
GetCommandLineA
GetFileType
ExitProcess
HeapDestroy
InterlockedDecrement
InitializeCriticalSection
DeleteFileA
GetCurrentProcessId
GetStringTypeW
LCMapStringA
GetPrivateProfileStringA
GetCurrentThread
SetStdHandle
InterlockedIncrement
GetCurrentThreadId
SetLastError
DeleteCriticalSection
VirtualFree
GlobalAddAtomW
GetPrivateProfileSectionNamesA
QueryPerformanceCounter
DebugBreak
FreeEnvironmentStringsW
GetCurrentProcess
TerminateProcess
EnumSystemLocalesA
WideCharToMultiByte
GetVersionExA
GetEnvironmentStringsW
FlushFileBuffers
TlsSetValue
RtlUnwind
GetLocaleInfoW
FreeEnvironmentStringsA
GetStringTypeA
CompareStringW
RtlMoveMemory
TlsFree
IsBadWritePtr
GlobalGetAtomNameW
EnterCriticalSection
GetSystemInfo
SetEnvironmentVariableA
GetOEMCP
GetAtomNameA
IsBadReadPtr
LoadLibraryExA
HeapValidate
WriteFile
CompareStringA
GetModuleFileNameA
IsValidCodePage
UnhandledExceptionFilter
EnumCalendarInfoA
SystemTimeToFileTime
CloseHandle
InterlockedExchange
SetHandleCount
VirtualProtect
LoadLibraryA
GetTimeZoneInformation
FindNextFileW
TlsGetValue

user32

LoadIconW
ChangeMenuA
GetDlgItemTextA
GetPriorityClipboardFormat
FindWindowA
RegisterClassA
BeginDeferWindowPos
ReuseDDElParam
RegisterClassExA
IsDialogMessageW
OpenInputDesktop
DestroyCursor
GetDialogBaseUnits
GetKBCodePage
DdeGetData
SetTimer

comctl32

InitCommonControlsEx

Sections

.text
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

553c8cee00fa6a14c0724b06074ea8a0

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 371KB - Virtual size: 370KB

.rdata Size: 11KB - Virtual size: 30KB

.data Size: 320KB - Virtual size: 320KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 371KB - Virtual size: 370KB

.rdata
Size: 11KB - Virtual size: 30KB

.data
Size: 320KB - Virtual size: 320KB

.rsrc
Size: 8KB - Virtual size: 8KB