289adb06d29574550067a825d13f3faf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

289adb06d29574550067a825d13f3faf_JaffaCakes118
Size

308KB
MD5

289adb06d29574550067a825d13f3faf
SHA1

94f76c267ff600873438b1da2316e7f2f78d312c
SHA256

ef3e4771831f0edb91383429257f195d120b99794f57861d2b3d26c6277bb7da
SHA512

fd322b1dec63c56c03856f694aed407a3ead9860f609d4c6065bae4efef959159117135de816419b7d900be90ef25520da09d739963b7c04f1de94dd463d97e2
SSDEEP

6144:nER0OTioEaDb1hZYUtHF5A8Xgi8BUw4SsV74uDdmHHVtQVPI8iteb:ER0RUpz9P1zSsZ3BeuVPI5kb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
289adb06d29574550067a825d13f3faf_JaffaCakes118

Files

289adb06d29574550067a825d13f3faf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1da0755a7c9c9be5edb3d2b9fca3780c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeFreeStringHandle
DestroyCursor
GetAncestor
TranslateAcceleratorA
RegisterClassExA
RegisterClassA

comctl32

InitCommonControlsEx

kernel32

CreateMutexA
LCMapStringW
OpenMutexA
DeleteCriticalSection
GetCurrentThread
GetLastError
GetStartupInfoW
GetFileAttributesW
HeapFree
GetModuleFileNameW
GetConsoleCP
SetConsoleCtrlHandler
TlsFree
TlsGetValue
FreeLibrary
IsValidLocale
GetStdHandle
GetModuleFileNameA
HeapSize
CreateEventA
GetCurrentProcess
HeapReAlloc
GlobalAlloc
WriteConsoleOutputAttribute
HeapCreate
CompareStringW
GetCommandLineA
InterlockedExchange
SetEnvironmentVariableA
CloseHandle
SetComputerNameW
GetStringTypeA
GetStartupInfoA
LCMapStringA
TlsAlloc
WriteConsoleW
GetCurrentThreadId
VirtualFree
GetLocaleInfoW
InitializeCriticalSection
SetUnhandledExceptionFilter
SetLastError
LeaveCriticalSection
MultiByteToWideChar
GetCommandLineW
GetEnvironmentStrings
GetTickCount
GetProcessHeap
GetConsoleOutputCP
CreateDirectoryA
GetProcAddress
GlobalGetAtomNameW
EnumSystemLocalesA
GetACP
IsValidCodePage
GetStringTypeW
GetConsoleTitleW
GetTimeFormatA
CompareStringA
TlsSetValue
GetCurrentProcessId
GlobalFree
HeapAlloc
HeapLock
TerminateProcess
SetStdHandle
WaitForMultipleObjectsEx
VirtualAlloc
WideCharToMultiByte
ExitProcess
InterlockedIncrement
GetEnvironmentStringsW
GetConsoleMode
WriteFile
Sleep
GetModuleHandleA
InterlockedDecrement
GetFileType
GetSystemTimeAsFileTime
WriteConsoleOutputCharacterW
LoadLibraryA
SetFilePointer
RtlUnwind
SetHandleCount
GetOEMCP
GetLocaleInfoA
SetConsoleTextAttribute
GetUserDefaultLCID
WriteConsoleA
GetTimeZoneInformation
GetAtomNameA
GetVersionExA
FreeEnvironmentStringsA
EnterCriticalSection
FlushFileBuffers
FreeEnvironmentStringsW
GetCPInfo
VirtualQuery
GetDateFormatA
ReadFile
CreateFileA
UnhandledExceptionFilter
QueryPerformanceCounter
IsDebuggerPresent
LocalFileTimeToFileTime
HeapDestroy

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1da0755a7c9c9be5edb3d2b9fca3780c

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 9KB - Virtual size: 25KB

.data Size: 147KB - Virtual size: 147KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 9KB - Virtual size: 25KB

.data
Size: 147KB - Virtual size: 147KB

.rsrc
Size: 7KB - Virtual size: 6KB