1834594945a1a61db5501ab0b55ce0b0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1834594945a1a61db5501ab0b55ce0b0_JaffaCakes118
Size

284KB
MD5

1834594945a1a61db5501ab0b55ce0b0
SHA1

888fdb9941a14f57638d573fa8ef11d9e7f80426
SHA256

dc7d74bc650563632701f4a9505b5ecc053ee1d12da069bbebf489e6271e1022
SHA512

f700e7f200bb32cee79841b3213274944345e72ae7cddb428fe2a4f3a63f4fb454426a1ea41a0ae58acae7ddf524cea6b4cf70ae2ffbf86517db6eb3f1340827
SSDEEP

6144:eWDsp8jrkMolycnV99U00EbIe7OCzht/e47ph9/uKChUhQC8ZhblUkg/:bwBlycniEvd9uKChUmCeA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1834594945a1a61db5501ab0b55ce0b0_JaffaCakes118

Files

1834594945a1a61db5501ab0b55ce0b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93aa65a8bc88ac0fabf90d4ce44e8e62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetStartupInfoA
SetVolumeLabelW
WriteProfileStringW
GetLastError
HeapLock
HeapAlloc
TlsSetValue
SetEnvironmentVariableA
InterlockedIncrement
SetUnhandledExceptionFilter
GetTempFileNameW
CreateMailslotW
FreeEnvironmentStringsA
MultiByteToWideChar
SetConsoleCtrlHandler
WriteFile
GetModuleFileNameW
GetOEMCP
VirtualProtect
LCMapStringA
GetCPInfo
GetProcessHeap
GetCommandLineA
CreateDirectoryW
GetStringTypeA
SetLastError
GetLocaleInfoW
GetProcAddress
SetFileTime
GetLocaleInfoA
TlsFree
AddAtomA
GetACP
CreateNamedPipeW
GetStringTypeW
VirtualQuery
InterlockedDecrement
TlsAlloc
IsValidCodePage
EnumSystemLocalesA
GetTimeZoneInformation
SetHandleCount
GetFileType
HeapReAlloc
InitializeCriticalSection
ExitProcess
GetCompressedFileSizeA
SetStdHandle
VirtualAlloc
TlsGetValue
QueryPerformanceCounter
GetCurrentProcess
HeapCreate
GetModuleHandleA
GetDateFormatA
GetUserDefaultLCID
GetVersionExA
GetCurrentThreadId
IsValidLocale
VirtualFree
FreeLibrary
GetEnvironmentStrings
GetCurrentProcessId
GetModuleFileNameA
HeapDestroy
FreeEnvironmentStringsW
VirtualProtectEx
GetTickCount
GetStdHandle
CompareStringW
GetCurrentThread
LCMapStringW
IsDebuggerPresent
RtlUnwind
GetCommandLineW
GetSystemTimeAsFileTime
InterlockedExchange
HeapSize
CompareStringA
EnumResourceLanguagesW
GetEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoW
GetTimeFormatA
HeapFree
TerminateProcess
LoadLibraryA
LeaveCriticalSection
Sleep
UnhandledExceptionFilter
EnterCriticalSection

gdi32

CopyEnhMetaFileA

advapi32

RegCreateKeyExA
CryptHashSessionKey

user32

GetWindowTextA
ShowWindow
CreateWindowExA
CreateWindowStationA
EqualRect
GetKeyNameTextA

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93aa65a8bc88ac0fabf90d4ce44e8e62

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

user32

Sections

.text Size: 139KB - Virtual size: 139KB

.data Size: 139KB - Virtual size: 139KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 139KB - Virtual size: 139KB

.data
Size: 139KB - Virtual size: 139KB

.rsrc
Size: 4KB - Virtual size: 4KB