031b6b8e2b6ae09dd0cbddb83264e97a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

031b6b8e2b6ae09dd0cbddb83264e97a_JaffaCakes118
Size

234KB
MD5

031b6b8e2b6ae09dd0cbddb83264e97a
SHA1

8ce8aca7c50867b8cb046c46034ef22abf062583
SHA256

ac6c8213778a3cd4d78b88e2b7284f825cad1702a62a994e29fefb53864ca4b7
SHA512

8ee5b7f1d4d9b581d32c8aeb09b5897553080312a16ce6dc89d1a3a71d22246da334353631de222043cd055dc1cd23b4fae5b3ffe39cdd4c02bf325581f3d9f6
SSDEEP

3072:jYWlnI6noED1ddojMd4dNxfkdtR6ca7Kn3FbtP8dxAFKPx8Ltko6CAsObJQfMqLV:u6rRds7xWamnkkKZ8f6CxSQfMqLCyHX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
031b6b8e2b6ae09dd0cbddb83264e97a_JaffaCakes118

Files

031b6b8e2b6ae09dd0cbddb83264e97a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d65cb9bd8aedce80987fff0c0d604716

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
SetEndOfFile
GetFileSize
GetBinaryTypeA
LockResource
SetFileValidData
GlobalFree
CloseHandle
GetFileTime
MapViewOfFile
OpenFileMappingA
GetFileInformationByHandle
FlushFileBuffers
PostQueuedCompletionStatus
UnlockFile
FindNextFileA
ReadFileEx
FreeLibrary
FindClose
UnlockFileEx
CreateFileA
WriteFileEx
GetQueuedCompletionStatus
GetTempPathA
GetFileSizeEx
SetFileApisToANSI
MapViewOfFileEx
LockFileEx
FindFirstFileExA
AreFileApisANSI
MoveFileA
GetFullPathNameA
LoadLibraryA
FindFirstFileA
CreateIoCompletionPort
UnmapViewOfFile
GetShortPathNameA
WriteFile
SetFileAttributesA
ReadFile
GetCompressedFileSizeA
GetTickCount
LockFile
MoveFileExA
LoadResource
GetFileType
SetFilePointer
MoveFileWithProgressA
CreateFileMappingA
CopyFileA
SearchPathA
GetFileAttributesA
CreateHardLinkA
CopyFileExA
SetFileTime
ReplaceFileA
GetFileAttributesExA
ReadFileScatter
CancelIo
SizeofResource
GetProcAddress
FindResourceA
SetFilePointerEx
LoadLibraryExW
SetFileShortNameA
WriteFileGather
WinExec
GetModuleFileNameA
GetModuleHandleA
FlushViewOfFile
ExitProcess
MoveFileExW
GetCommandLineW
SetFileApisToOEM
CheckNameLegalDOS8Dot3A
GlobalAlloc

user32

MoveWindow
GetDesktopWindow
SetDlgItemTextA
EndDialog
DialogBoxParamA
GetWindowRect

advapi32

SetFileSecurityA

shell32

CommandLineToArgvW

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d65cb9bd8aedce80987fff0c0d604716

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 201KB - Virtual size: 201KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 201KB - Virtual size: 201KB