38491fc19117dc5ffdcb82e0424798eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38491fc19117dc5ffdcb82e0424798eb_JaffaCakes118
Size

284KB
MD5

38491fc19117dc5ffdcb82e0424798eb
SHA1

45e27908f3381befcc671a642614f4c692d58dfc
SHA256

c01044acc67022177e9da2fa008359a049771cafba525786e1cc0d78e5da8e85
SHA512

df0dcdbb5f5c91ae6f12b2e1fca6bcf7b6422b30e163765b0279ed40e8b162aeba5a7e7b5ba7f971ec1d4255ea68c2742859fc73c6ec6dfb976f1fdec7430daf
SSDEEP

6144:0Y6hU71NkCfJ4VAH/5GbNLFZ+KEl92A7FpUN4hMH3ZOL:j6h4kSf5GjWlv4a8E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38491fc19117dc5ffdcb82e0424798eb_JaffaCakes118

Files

38491fc19117dc5ffdcb82e0424798eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2c7f86a5a092bc0acf2b6eed1a55744

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetUserDefaultLCID
GetVolumeInformationA
CreateEventA
GetStartupInfoW
EnterCriticalSection
HeapAlloc
LoadLibraryA
TlsFree
MultiByteToWideChar
UnhandledExceptionFilter
EnumResourceTypesA
DeleteCriticalSection
GetCurrentThread
Sleep
TlsAlloc
GetCommandLineA
GetStringTypeW
GetTimeFormatA
CompareStringA
SetLastError
GetFileType
GetTimeZoneInformation
GetLastError
SetConsoleMode
HeapDestroy
TlsSetValue
GetStringTypeA
GetProcAddress
FreeEnvironmentStringsA
GetStdHandle
WriteFile
SetCriticalSectionSpinCount
GetEnvironmentStringsW
CreateThread
HeapSize
VirtualQuery
LeaveCriticalSection
WideCharToMultiByte
SetEnvironmentVariableA
GetCommandLineW
InterlockedDecrement
TlsGetValue
GetStartupInfoA
HeapReAlloc
LCMapStringW
ExitProcess
EnumSystemLocalesA
CompareStringW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidCodePage
GetModuleHandleA
GetModuleFileNameW
InterlockedIncrement
IsDebuggerPresent
GetCurrentThreadId
SetHandleCount
VirtualFree
GetEnvironmentStrings
GetOEMCP
GetCurrentProcessId
GetModuleFileNameA
IsValidLocale
GetDateFormatA
SetThreadIdealProcessor
GetTickCount
HeapCreate
GetACP
GetLocaleInfoW
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
RtlUnwind
GetLocaleInfoA
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringA
FreeLibrary
FreeEnvironmentStringsW
GetProcessHeap
GlobalCompact
GetVersionExA
InitializeCriticalSection
HeapFree

user32

UnloadKeyboardLayout
TrackMouseEvent
GetPriorityClipboardFormat
GetWindow
SendNotifyMessageA
SetRect
CallMsgFilterW
CreateWindowStationA
SetMenuItemInfoW

shell32

SHInvokePrinterCommandW
RealShellExecuteExA
SHQueryRecycleBinW

gdi32

OffsetWindowOrgEx
DescribePixelFormat
ArcTo
CreateCompatibleBitmap
SetEnhMetaFileBits
GetNearestColor
Polygon
StartPage
SetViewportOrgEx
CreateScalableFontResourceW
GetTextFaceW
GetDeviceCaps
GetClipRgn
GetObjectA
PtVisible
CancelDC
GetGlyphOutlineA
ExtFloodFill
GetRgnBox
OffsetClipRgn

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2c7f86a5a092bc0acf2b6eed1a55744

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

Sections

.text Size: 136KB - Virtual size: 136KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 136KB - Virtual size: 136KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 6KB - Virtual size: 5KB