16296664c7ad62326b0fe643846d45a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16296664c7ad62326b0fe643846d45a7_JaffaCakes118
Size

148KB
MD5

16296664c7ad62326b0fe643846d45a7
SHA1

29401511ca85601c5296aa443daac2a005c7bfed
SHA256

02be00e5b0532a7fd5015660a4c47cabcd4c18280f56b13123d378ac4528e656
SHA512

7c0618e96a532d86085518e96cebb3c45261b090b674b98b8b4b732ea28531fc000f19c2a64107ac10d0d6186eb5c1127d09464d42abdb86a3ac3bdd01989c78
SSDEEP

3072:TVuh1rEaQY6b1jVhQkumrvxhaU+j9ZLmihlH10VCaiCrG9wQTnr:TV0Eaf6bhvPrHz+TmihsNiIG9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16296664c7ad62326b0fe643846d45a7_JaffaCakes118

Files

16296664c7ad62326b0fe643846d45a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78390ef480575e5037e946a888645f29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
SetCurrentDirectoryA
LockFile
ReadFile
GetDiskFreeSpaceA
WriteFile
SystemTimeToFileTime
GetLastError
CloseHandle
GetCurrentThread
DeleteFileA
CreatePipe
GetUserDefaultLCID
SetFileAttributesA
SetEnvironmentVariableA
GetModuleHandleA
IsBadWritePtr
GetFileInformationByHandle
SetEnvironmentVariableW
GetFileAttributesA
FreeLibrary
GetDriveTypeA
RaiseException
WriteConsoleA
DeleteCriticalSection
GetStdHandle
GetCurrentProcess
RemoveDirectoryA
PeekConsoleInputA
IsBadCodePtr
GetCPInfo
SetStdHandle
GetFullPathNameA
GetEnvironmentStrings
ReadConsoleInputA
SetEndOfFile
UnlockFile
CreateDirectoryA
GetTimeZoneInformation
RtlUnwind
SetCurrentDirectoryW
GetLogicalDrives
GetExitCodeProcess
CreateDirectoryW
LocalFileTimeToFileTime
FindNextFileA
GetCommandLineA
GetConsoleMode
SetLocalTime
GetModuleFileNameW
SetConsoleMode
GetDriveTypeW
DuplicateHandle
RemoveDirectoryW
GetCurrentDirectoryA
GetFileAttributesW
SetUnhandledExceptionFilter
TlsAlloc
TlsSetValue
GetProcAddress
VirtualFree
CreateFileA
FlushFileBuffers
GetACP
ResumeThread
SetFileAttributesW
SetFileTime
CreateThread
GetNumberOfConsoleInputEvents
LeaveCriticalSection
GetStartupInfoA
TlsGetValue
InitializeCriticalSection
IsValidCodePage
GetVersion
GetSystemDefaultLCID
GetLocalTime
Beep
FindClose
SetFilePointer
GetCurrentDirectoryW
GetFullPathNameW
FindFirstFileW
GetFileType
EnterCriticalSection
QueryPerformanceCounter
GetModuleFileNameA
FindNextFileW
GetSystemDefaultLangID
FindFirstFileA
FileTimeToLocalFileTime
ReadConsoleA
LoadLibraryW
FileTimeToSystemTime
SetConsoleCtrlHandler
MultiByteToWideChar
WaitForSingleObject

user32

MessageBoxA

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78390ef480575e5037e946a888645f29

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 33KB - Virtual size: 32KB

.rdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 33KB - Virtual size: 32KB

.rdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 23KB - Virtual size: 23KB