12ab389ea147166cc37ad5cc03c7555d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12ab389ea147166cc37ad5cc03c7555d_JaffaCakes118
Size

185KB
MD5

12ab389ea147166cc37ad5cc03c7555d
SHA1

c1222705607f7f97396375770f07fcf0cc9ce980
SHA256

c992f8543690be0a6a1a0081778c05d50bc7641330614faa5cfefea0c832b0ba
SHA512

2ff472b2f3461e4acc3ddc6becad008d5ab5f022b13d97df8df6b8b61970b40e2d7532967ff3acd7f71052d4e4c14fba4d44733d1db3db91c9182620d5828c73
SSDEEP

3072:6HLcGEBVx7NeRhw0c/2eYPb4T0N0jd3kKzoLryLJgogZ5tdFfNuMZfqoizlw7fl8:+Lc1Bv7qh4r0mjlIrxogZ5vFAMVqoi8W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12ab389ea147166cc37ad5cc03c7555d_JaffaCakes118

Files

12ab389ea147166cc37ad5cc03c7555d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

85b36679128ce5660f3c1e1b885474f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ReadFile
GetLocaleInfoA
GetVersionExA
GlobalFree
VirtualProtect
GetSystemTimeAsFileTime
GetEnvironmentStrings
GetCurrentThread
InitializeCriticalSection
GlobalSize
GetLocalTime
GetConsoleCP
TerminateThread
GetCurrentProcessId
FileTimeToSystemTime
TlsFree
CreateFileMappingA
GetCommandLineA
OutputDebugStringA
GetFullPathNameW
GetEnvironmentStringsW
EnumSystemLocalesA
GetLastError
GetStringTypeW
GetCurrentProcess
SizeofResource
SetEvent
GetConsoleMode
LeaveCriticalSection
InterlockedExchange
HeapSize
LCMapStringA
FreeEnvironmentStringsW
HeapDestroy
GetModuleHandleA
TlsSetValue
CreateFileA
LCMapStringW
GetOEMCP
FormatMessageA
FindResourceW
GetDriveTypeW
SearchPathW
GetFileType
GetThreadLocale
Sleep
DisableThreadLibraryCalls
DeleteCriticalSection
LoadLibraryA
GetModuleFileNameA
VirtualQuery
FindResourceExW
TlsGetValue
DeviceIoControl
GetProcessHeap
lstrlenW
WaitForMultipleObjects
SetStdHandle
GetProcAddress
GetCPInfo
GetCommandLineW
QueryPerformanceCounter
GetACP
InterlockedIncrement
FlushInstructionCache
HeapAlloc
RtlUnwind
SetHandleCount
LocalAlloc
WriteFile
CreateEventA
HeapFree
VirtualFree
VirtualAlloc
GetFileSize
TerminateProcess
SetUnhandledExceptionFilter
GetTickCount
MultiByteToWideChar
SetLastError

user32

SetPropW
MessageBoxW
LoadIconA
GetAsyncKeyState
SetFocus
FindWindowA
EnableWindow
GetKeyState
CallWindowProcW
DefWindowProcW
SetWindowPos
PeekMessageW
AdjustWindowRectEx
SetWindowRgn
GetDC
SendMessageA
SetForegroundWindow
GetDlgItem
GetParent
EqualRect
SendMessageW
MoveWindow
ClientToScreen
IsDialogMessageA
RedrawWindow
SetWindowTextW
GetMessageTime
LoadStringW
PostMessageW
GetWindowLongW
GetMessageW

gdi32

RectVisible
SetWindowExtEx
SelectObject
SetTextColor
GetTextExtentPoint32A
GetStockObject
Escape

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85b36679128ce5660f3c1e1b885474f7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 3KB - Virtual size: 17KB

.data Size: 122KB - Virtual size: 1.1MB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 3KB - Virtual size: 17KB

.data
Size: 122KB - Virtual size: 1.1MB

.rsrc
Size: 3KB - Virtual size: 3KB