08947fb49216f99c87230020c05790b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08947fb49216f99c87230020c05790b6_JaffaCakes118
Size

487KB
MD5

08947fb49216f99c87230020c05790b6
SHA1

7de2367eee7d0065940d946dd097a64d20fa9e24
SHA256

7fe96337e7dd29f7d932cca5a8012ee44a8cdcf21d60d02b5d9b1ceb6bdf15e2
SHA512

1b72c9e1c1f9d9e7e195d30e2bb9776b7a0cdba045d3a3711406405bf1e195b251fe6d2aa8e9e4b9cf7a51527e1de42da2e07874f2e93b3b6825f2aa46856616
SSDEEP

12288:auSPISQ5zY1vt3Lr3XBphy6A4ek7uGexpK9WDvjQlFoWun:auSgS9t3LLsZ4uyjun

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08947fb49216f99c87230020c05790b6_JaffaCakes118

Files

08947fb49216f99c87230020c05790b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20179cbb4269e229e45896372fed3346

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
SetTextColor
SetBkColor
SelectObject

user32

ScreenToClient
ReleaseDC
MessageBoxA
IsWindow
PostQuitMessage
UpdateWindow
DestroyWindow

kernel32

ExitProcess
GetProcessHeap
GetLastError
HeapFree
GetStdHandle
ReadFile
SetLastError
GetCurrentProcessId
LeaveCriticalSection
GetVersion
HeapAlloc
CreateFileA
Sleep
InterlockedDecrement
GlobalLock
WaitForSingleObject
LoadResource
WriteConsoleA
GetModuleFileNameA
SizeofResource
SetStdHandle
FormatMessageW
LocalFree
GetFileAttributesA
GetCurrentThreadId
HeapReAlloc
GetACP
TerminateProcess
CreateFileMappingA
GetSystemTimeAsFileTime
CloseHandle
GetCurrentProcess
WriteFile
SetUnhandledExceptionFilter
InterlockedExchange
FindFirstFileA
SetFilePointer
GetStringTypeA
LoadLibraryW
GetCPInfo
RaiseException
GetModuleHandleA
GetProcAddress
GetCommandLineA
SetEvent
IsDebuggerPresent
WideCharToMultiByte
DeleteFileA
CreateDirectoryA
UnhandledExceptionFilter
WaitForMultipleObjects
GetFileSize
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStartupInfoA
DeleteCriticalSection
lstrlenW
LoadLibraryA
GetVersionExA
GetTickCount
HeapDestroy
QueryPerformanceCounter
FreeLibrary
GetModuleHandleW
GetConsoleCP
GlobalFree
GetModuleFileNameW
lstrlenA
FileTimeToSystemTime

msvcrt

__getmainargs
_controlfp
_except_handler3
__set_app_type
__p__fmode
_exit
_XcptFilter
exit
_acmdln
_strcmpi
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 454KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20179cbb4269e229e45896372fed3346

Headers

File Characteristics

Imports

gdi32

user32

kernel32

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 454KB - Virtual size: 454KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 454KB - Virtual size: 454KB

.rsrc
Size: 4KB - Virtual size: 3KB