1082b4e6d8d98e89876194cde7b119e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1082b4e6d8d98e89876194cde7b119e6_JaffaCakes118
Size

13KB
MD5

1082b4e6d8d98e89876194cde7b119e6
SHA1

1eeb6315a6fec7a98040b2910fc6269b24a79d9c
SHA256

dbc8e4efc743b5e83f8825d1c35d5d7bb286162fc78ef34b22de7534c1207404
SHA512

d8fb6363673b006a65faebc08ab4f41b1aa01aa635600cc9258dd144477e660144da2dee90dcce3513919801768d92082b1645bb686403d868dd90562949aab6
SSDEEP

384:N6g5QA67pPc0XWnbKjnCaofYp9Ocse/ie/ainPWCdA/86:Egi7pPenbKj5oGwsXC0+zf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1082b4e6d8d98e89876194cde7b119e6_JaffaCakes118

Files

1082b4e6d8d98e89876194cde7b119e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b1eaacd262eade4b554e029531a2753

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
EnterCriticalSection
Sleep
GetSystemTimeAsFileTime
GetCurrentThreadId
lstrcmpW
GetTimeZoneInformation
GetTickCount
DeleteCriticalSection
VirtualAlloc
GetCommandLineA
GetCommandLineW
CreateEventW
lstrcmpiA
InterlockedIncrement
lstrcmpiW
GetModuleHandleW
InitializeCriticalSection
GetWindowsDirectoryA
TlsSetValue
DeleteFileA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualFree
GetCurrentProcessId
MoveFileA
GetSystemDirectoryW
LocalFree
LockResource
ReadFile
FindClose
SetStdHandle
GetModuleHandleA
VirtualProtect
SetEvent
InterlockedCompareExchange
GetACP
LeaveCriticalSection
LoadResource
GetFileSize
HeapCreate
MultiByteToWideChar
GlobalLock
GlobalSize
GetSystemInfo
InterlockedExchange
GlobalUnlock
LocalAlloc
SetEnvironmentVariableA
SizeofResource
CloseHandle
GetCurrentProcess
GetConsoleCP
GetVersion
GetModuleFileNameW
GetEnvironmentStrings
HeapDestroy
GetStdHandle
CreateFileA
DisableThreadLibraryCalls
GetLocaleInfoW

msvcrt

__setusermatherr
memmove
fflush
_unlock
memcpy
memset
_lock

user32

SetFocus
SetRectEmpty
wsprintfA
DestroyWindow
SystemParametersInfoA
IsWindow
MessageBoxW
GetWindowTextW
EnableWindow
UnionRect
DispatchMessageA
BeginPaint
RegisterWindowMessageW
GetPropA
IsRectEmpty
KillTimer
DestroyIcon
ValidateRect
GetScrollInfo
ScreenToClient
CharNextA

ole32

CoTaskMemAlloc
CoCreateInstance
SetDocumentBitStg

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b1eaacd262eade4b554e029531a2753

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 10KB

.data Size: 2KB - Virtual size: 175KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 10KB

.data
Size: 2KB - Virtual size: 175KB

.rsrc
Size: 3KB - Virtual size: 3KB