12acc40e5bebd6fffc11b71d2f632488_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12acc40e5bebd6fffc11b71d2f632488_JaffaCakes118
Size

126KB
MD5

12acc40e5bebd6fffc11b71d2f632488
SHA1

d98d0a98f7ad22c56bdd89dfb92797952d87be9d
SHA256

f160e0848eb634532e4c54430e45d9143f85f70f465c0f76073a63ae935553c3
SHA512

6e374f74a46a00882e6ac4b0433d1e02d96b843c1aa1f615357f1ad61a8741dcba7fea48b35b625aac179cd07ca2051ca32b487e2de09010ba45a7d353ac04b5
SSDEEP

3072:ZqRDrzqMevq2cIidUFntSuJ2KitGS76ZS2fmNG:W+i2wdOnkuYKtS76o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12acc40e5bebd6fffc11b71d2f632488_JaffaCakes118

Files

12acc40e5bebd6fffc11b71d2f632488_JaffaCakes118
.exe windows:4 windows x86 arch:x86

652da4d1fe3ad0fdfe5f8fd4816bbe9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadConsoleA
GlobalAddAtomA
IsBadHugeReadPtr
Beep
GetProcAddress
FindResourceA
LoadLibraryExA
GetSystemDefaultLCID
GetLongPathNameA
GetDriveTypeA
GetCommTimeouts
GetExitCodeThread
LoadResource
PulseEvent
CopyFileA
UpdateResourceA
GetModuleFileNameA
WaitForMultipleObjectsEx
GetLargestConsoleWindowSize
RemoveDirectoryA
GetStdHandle
GetTickCount
GetProcessVersion
HeapCreate
MoveFileExA
CreateWaitableTimerA
CreateMutexA
IsBadCodePtr
CreateRemoteThread
SetEvent
GlobalFindAtomA
DefineDosDeviceA
GetHandleInformation
GetProfileIntA
AddAtomA
SizeofResource
GetNamedPipeInfo
DisconnectNamedPipe
SetLastError
GetFileInformationByHandle
VirtualFreeEx
CommConfigDialogA
VirtualFree
GetOEMCP
FlushInstructionCache
IsValidCodePage
LoadLibraryA
InitAtomTable
GetThreadLocale
QueryPerformanceCounter
OpenEventA
FindCloseChangeNotification
GetFileAttributesA
FoldStringA
GetThreadPriorityBoost
WaitForSingleObjectEx
CloseHandle
GetVolumeInformationA
SetFilePointer
MapViewOfFile
OpenSemaphoreA
DeleteAtom
GlobalFree
QueueUserAPC
IsBadWritePtr
DeleteFileA
VirtualAlloc
FindNextChangeNotification
ReadProcessMemory
CreateSemaphoreA
GetSystemDefaultLangID
Sleep
FlushFileBuffers
DuplicateHandle
GlobalSize
SetErrorMode
OpenMutexA
OpenProcess
HeapFree
ClearCommBreak
HeapDestroy
WaitForMultipleObjects
GetCurrentProcessId
GetCommMask
VirtualQueryEx
VirtualUnlock
GlobalHandle
GetBinaryTypeA
CancelWaitableTimer
GetPriorityClass
DeleteFiber
GetUserDefaultLangID
SearchPathA
GetProcessHeaps
GetLogicalDrives
GlobalReAlloc
FindAtomA
GetShortPathNameA
CopyFileExA
GetPrivateProfileStructA
GetProcessAffinityMask
WriteProfileSectionA
OpenFileMappingA
GetACP
VirtualProtectEx
LocalUnlock
EndUpdateResourceA
GetCurrentThread
IsProcessorFeaturePresent
GetProcessTimes
GetUserDefaultLCID
GetCommandLineA
WideCharToMultiByte
OutputDebugStringA
GlobalCompact
MultiByteToWideChar
WritePrivateProfileStructA
HeapValidate
LocalCompact
UnlockFile
LockResource
DeviceIoControl
FindFirstChangeNotificationA
GetLogicalDriveStringsA
GetSystemDefaultUILanguage
GetDiskFreeSpaceExA
GetPrivateProfileSectionA
IsDebuggerPresent
GetCommConfig
GetModuleHandleA
FindResourceExA
GetSystemDirectoryA
LocalSize
GetFileType
GetCurrentProcess
LocalShrink
LocalFree
CreateEventA
VirtualQuery
AreFileApisANSI
ReleaseSemaphore
PeekConsoleInputA
GetLocalTime
CreateFileMappingA
GetStartupInfoA

msvcrt

srand
__set_app_type
_controlfp
exit
strstr

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

652da4d1fe3ad0fdfe5f8fd4816bbe9b

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 110KB - Virtual size: 110KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 110KB - Virtual size: 110KB