Static task: static1
Behavioral task: behavioral1
Sample: ff9d51a16006b184329226463051e444_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ff9d51a16006b184329226463051e444_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ff9d51a16006b184329226463051e444_JaffaCakes118
Size: 546KB
MD5: ff9d51a16006b184329226463051e444
SHA1: 268077cd731b88d8a7e467e3491743fcdb5d839e
SHA256: d700558b9418c156628ca25aeb04dd40e20af6991a15fcc0c6ab02b226a93e4f
SHA512: 221e9d7bd4a50f152eb4d0e8120f58dceebf32f33be78b20c12d6fc80c310155b3e5d2a50eb2129699f05c68e39f255f72e9dabce3e96a54f35660077441a2fe
SSDEEP: 12288:+7W5gx9PJniQBghbT4cnUh2YvbA97JkQrOysCbKHx3MsAHeH9QXjYqA8rhVxqf:+7SBP4czV7JkQrOgOHx8IdQ8g
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ff9d51a16006b184329226463051e444_JaffaCakes118
Files
ff9d51a16006b184329226463051e444_JaffaCakes118.exe windows:4 windows x86 arch:x86
bb47152f138ab13c885dbe5da74d5cde
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindClose
HeapSize
GetLocaleInfoA
VirtualProtect
GetVersionExA
GetTimeZoneInformation
TlsGetValue
GetFileType
UnhandledExceptionFilter
TlsSetValue
ReadFileEx
GetModuleHandleA
WideCharToMultiByte
IsBadWritePtr
GetCurrentThreadId
MultiByteToWideChar
SetFilePointer
IsValidLocale
OpenEventA
GetCommandLineA
GetProcAddress
SetEndOfFile
LCMapStringW
EnumSystemLocalesA
GetFileAttributesA
CompareStringW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
ReadFile
PulseEvent
FreeEnvironmentStringsA
GetTimeFormatA
LCMapStringA
HeapCreate
GetStdHandle
CreateMutexA
ExitProcess
GetCurrentProcess
HeapFree
InitializeCriticalSection
TerminateProcess
RtlUnwind
HeapReAlloc
GlobalLock
CloseHandle
VirtualQuery
GetTickCount
VirtualFree
GetStringTypeA
OpenEventW
HeapDestroy
DeleteCriticalSection
InterlockedExchange
GetACP
GetModuleFileNameA
GetStartupInfoA
GetLocaleInfoW
CreateSemaphoreW
GetEnvironmentStrings
SetStdHandle
GetCPInfo
LeaveCriticalSection
CompareStringA
HeapAlloc
GetCurrentProcessId
IsValidCodePage
GetCurrentThread
FreeEnvironmentStringsW
WriteFile
LoadLibraryA
SetLastError
GetSystemInfo
GetOEMCP
GetDateFormatA
TlsFree
FlushFileBuffers
SetHandleCount
OpenMutexA
TlsAlloc
FindResourceW
GetConsoleCP
GetStringTypeW
EnumTimeFormatsW
GetLastError
QueryPerformanceCounter
VirtualAlloc
CreateFileMappingA
GetUserDefaultLCID
TryEnterCriticalSection
EnterCriticalSection
GetEnvironmentStringsW
comctl32
InitCommonControlsEx
shell32
SHEmptyRecycleBinW
SHGetNewLinkInfo
ExtractIconExA
user32
WINNLSGetIMEHotkey
ShowCaret
CheckRadioButton
IsCharLowerA
CharUpperA
SetUserObjectInformationA
CheckDlgButton
IsCharAlphaW
SetMessageExtraInfo
RegisterClassA
MonitorFromRect
RegisterClassExA
AppendMenuW
Sections
.text Size: 215KB - Virtual size: 214KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 316KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ