140268f91b23b44f694ebfa686f2aa27_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

140268f91b23b44f694ebfa686f2aa27_JaffaCakes118
Size

172KB
MD5

140268f91b23b44f694ebfa686f2aa27
SHA1

c5042bd09d493c6a7ee4ebf0a2bb3da9b3fb0151
SHA256

a247f115015e62b22eb842b3bcdc37e59c52d9096935ca76c9ac0ab8dadc62e8
SHA512

9657cf752c259088df91f9a532ac6fc3eb50ee7c954451605feedca54ffbae47ad558c300bb4e0e14bbb3245d511f1f4bff31f1e21828f70526985631bc8c4e0
SSDEEP

3072:YWqRFhLSvN/EMOz1IYHI+aIshIuAlfWgIqInPCcesBv3/Wbm9C5Dl/DfFHAYdmoF:hqrhuv23ZF7aIruAf+P3JWf5Dlbf9dJF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140268f91b23b44f694ebfa686f2aa27_JaffaCakes118

Files

140268f91b23b44f694ebfa686f2aa27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

036f9889e31cbed6e63a9dede1ea90bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WaitForSingleObject
lstrcmpA
GetTickCount
lstrcpynW
Sleep
LocalFree
FlushFileBuffers
GetThreadLocale
GetStringTypeA
GetVersion
LocalAlloc
lstrlenA
GetCurrentProcess
GetConsoleCP
CheckRemoteDebuggerPresent
GetCurrentProcessId
LCMapStringW
GetCPInfo
FindResourceW
GetStringTypeW
WriteConsoleA
CreateSemaphoreW
LCMapStringA
TlsAlloc
GetConsoleOutputCP
IsProcessorFeaturePresent
WriteConsoleW
RaiseException
TlsSetValue
EnumResourceTypesW
SetUnhandledExceptionFilter
HeapDestroy
WritePrivateProfileSectionW
TlsGetValue
GetConsoleMode
InterlockedExchange
FlushInstructionCache
InterlockedCompareExchange
GetACP
QueryPerformanceCounter
LoadResource
VirtualAlloc
GetStartupInfoA
SetFilePointer
GetSystemTimeAsFileTime
TlsFree
GetCurrentThreadId
SetStdHandle
CreateFileA
IsDebuggerPresent
GetDriveTypeW
CreateFileMappingW
GetLocaleInfoA
InitializeCriticalSection
LockResource
SizeofResource
LoadLibraryA
WideCharToMultiByte
MulDiv
VirtualFree
HeapSize
SetLastError
CopyFileW
GetOEMCP
HeapCreate
LeaveCriticalSection
GetFileType

winspool.drv

DocumentPropertiesW

user32

GetWindowInfo
PeekMessageW
SetWindowPos
GetWindow
SystemParametersInfoW
BeginPaint
MessageBoxW
GetDC
GetWindowRect
GetDlgItemTextW
GetParent
GetClientRect
DestroyWindow
SetWindowTextW
TranslateMessage
LoadCursorW
SetCapture
MapWindowPoints
RegisterClassExW
CreateWindowExW
EndPaint
GetAncestor
GetWindowTextLengthW
GetClassInfoExW
DispatchMessageW
SetDlgItemTextW
EndDialog

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

036f9889e31cbed6e63a9dede1ea90bb

Headers

File Characteristics

Imports

kernel32

winspool.drv

user32

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 51KB - Virtual size: 50KB

.isete Size: 1024B - Virtual size: 244KB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 51KB - Virtual size: 50KB

.isete
Size: 1024B - Virtual size: 244KB