Static task
static1
Behavioral task
behavioral1
Sample
140897b42f6a47e38a4502a7d7b0a171_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
140897b42f6a47e38a4502a7d7b0a171_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
140897b42f6a47e38a4502a7d7b0a171_JaffaCakes118
-
Size
145KB
-
MD5
140897b42f6a47e38a4502a7d7b0a171
-
SHA1
e70b43f50df2683a6fdc06a14539ad429be85401
-
SHA256
97b850acb84f24f2b91f06d0ff63005152d0050373c227af3651e3741eef682a
-
SHA512
2a2fd0519b0d82e46f56ad6dc327432ae086146c3d00644f6f5f150be9be05b6b8bcb7b89dac3030681acb47e204b0bca38ed9c75840df58380721cbfc7f8f25
-
SSDEEP
3072:u6kdrOeLef3StDsYv7vQS/WWBz8gcpNNDuB/ogvTqX1+MnPhBtuni4PoBm:5qHKfwDt74UWBH7EKgvul+MpDuni4PoB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
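Static check by the sandbox: the PE file carries no Authenticode signature, so its publisher and integrity cannot be verified from a signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.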
resource 140897b42f6a47e38a4502a7d7b0a171_JaffaCakes118
Files
-
140897b42f6a47e38a4502a7d7b0a171_JaffaCakes118.exe windows:4 windows x86 arch:x86
768eca63b907f69bc3653a9f2975fd96
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
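IMAGE_FILE_RELOCS_STRIPPED (no relocation data is present, so the image can only load at its preferred base; the IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE flag listed above therefore does not give this executable ASLR)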
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocaleInfoA
RtlUnwind
GetStartupInfoA
CreateThread
GetConsoleOutputCP
SetThreadAffinityMask
OpenEventA
GlobalMemoryStatus
GetStdHandle
GetProcessWorkingSetSize
ExitThread
VirtualQueryEx
FreeLibrary
GetLocaleInfoW
LocalFree
lstrcatA
GlobalAlloc
GetSystemDirectoryA
GetConsoleMode
ResetEvent
GetModuleHandleA
GetFileAttributesA
SetLastError
gdi32
CreateFontIndirectA
DeleteObject
CreatePen
LineTo
CreateDIBSection
GetTextExtentPoint32A
Polyline
CreateRectRgn
SetMapMode
SetBkColor
EndPage
StartPage
SetROP2
DeleteDC
SelectClipRgn
SelectObject
GetObjectA
GetBkMode
CreateCompatibleDC
GetTextMetricsA
SetTextColor
msvcrt
_mbsnicoll
_sys_nerr
_ismbckata
_sys_errlist
_chdir
iswalpha
_setjmp
_ultoa
_wgetcwd
_execlp
__p__commode
isalnum
_acmdln
_except_handler3
_XcptFilter
_wcslwr
_lock
_fstat
_safe_fprem
_wcsnicmp
_lrotr
_wexeclpe
exit
_assert
_ftime
_getdrive
_wutime
strtoul
tmpfile
_exit
_fcvt
_adjust_fdiv
__setusermatherr
_controlfp
_adj_fpatan
_mbsnbcat
_mbsnicmp
ldexp
__p__fmode
_wtol
_get_heap_handle
_mbscoll
memcpy
__set_app_type
_heapchk
wcsspn
_setmode
_initterm
_adj_fdivr_m16i
__getmainargs
user32
EnableWindow
GetKeyState
GetClassNameA
GetSubMenu
InvalidateRgn
GetPropA
TrackPopupMenuEx
GetUpdateRgn
BeginPaint
GetDC
MessageBoxA
EmptyClipboard
PeekMessageA
DestroyWindow
DeferWindowPos
ChildWindowFromPoint
DefWindowProcA
EndPaint
EndDialog
UpdateWindow
GetFocus
GetClassLongA
FindWindowExA
PostMessageA
GetWindowPlacement
DrawMenuBar
SetMenuItemInfoA
SendMessageTimeoutA
ReleaseCapture
Sections
.text Size: 126KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ