ff9f0d881f12359f3b7b002033c73b94_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff9f0d881f12359f3b7b002033c73b94_JaffaCakes118
Size

80KB
MD5

ff9f0d881f12359f3b7b002033c73b94
SHA1

10e6f5ae10be535ef34531e4d3dea3651445524c
SHA256

1a0e4695c4f85251725f8363e49d211f056d9e3daca37bf84d06732494ec8ff2
SHA512

f209b0c0e59c927dde969eb24556d1e08734677244a44015152e6f8e63ebf696c0d32923c567f254135b44fc7b67f0d265f72813f179069f50937af3ba0bdb35
SSDEEP

1536:eP1NVU20eeqihQAXnFfTtrHCWY+syo4azG:0WGeqiWAXnZ1HbYLyo4azG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff9f0d881f12359f3b7b002033c73b94_JaffaCakes118

Files

ff9f0d881f12359f3b7b002033c73b94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30d09cea597f476b737eb3f8490f5dbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
FreeEnvironmentStringsA
GetLastError
CloseHandle
SetFileAttributesA
GetEnvironmentStrings
GetCurrentDirectoryA
GetModuleFileNameA
RemoveDirectoryA
CreateProcessA
SetCurrentDirectoryA
HeapReAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetProcAddress
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetLocalTime
GetSystemTime
GetTimeZoneInformation
SetStdHandle
CreateFileA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetFilePointer
GetFileType
SetHandleCount
ReadFile
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
WriteFile
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetTempPathA
HeapSize
SetEnvironmentVariableA
GetFullPathNameA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
IsBadWritePtr
GetStartupInfoA
DeleteFileA
GetFileAttributesA
CreateDirectoryA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetModuleHandleA
GetCommandLineA
GetVersion
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

MessageBoxA
LoadStringA
DispatchMessageA
TranslateMessage
LoadIconA
LoadCursorA
RegisterClassA
GetMessageA
GetWindowTextA
CreateDialogParamA
GetDesktopWindow
GetWindowRect
ShowWindow
SetActiveWindow
GetClientRect
CreateWindowExA
UpdateWindow
DefWindowProcA
PostQuitMessage
DestroyWindow
DialogBoxParamA
EndDialog
SetWindowPos
SetFocus
GetDlgItem
SetWindowTextA
SendMessageA
PeekMessageA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

FindExecutableA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30d09cea597f476b737eb3f8490f5dbe

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 418KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 418KB

.rsrc
Size: 8KB - Virtual size: 7KB