4297f902ddf43d442f815a1cc3a7fdfa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4297f902ddf43d442f815a1cc3a7fdfa_JaffaCakes118
Size

249KB
MD5

4297f902ddf43d442f815a1cc3a7fdfa
SHA1

85804a2cf4e8ee80bd37eec37eb1a4490fc52532
SHA256

c924673a5d0f292982fc0247d40e3ba6a09dee39bc83eb7098caf2aba2034fbe
SHA512

0ce7188610e38a5275dfbf097a377d7260c0396c3b14e360a9010fa21d29490d7469cf268319cbc94b7fa5d0c3aaa0fea69f0cd8b872ef5e0a3778b43a4c8ed3
SSDEEP

6144:w/NBB+18TMBdXFm9nuERonBui9a82NOFOtqyxbSOhmG2tBeR8XYnCrAvwMM6rd:8NBkKTgdXenFRoBn9a82NOFOtjxgGniY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4297f902ddf43d442f815a1cc3a7fdfa_JaffaCakes118

Files

4297f902ddf43d442f815a1cc3a7fdfa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10251538e5d1ebd5bd3052d8878eeaae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStringTypeA
GetSystemInfo
LCMapStringW
GetProcAddress
GetTimeZoneInformation
HeapReAlloc
MultiByteToWideChar
GetVersion
GetFileType
GetCurrentProcessId
SetLastError
OutputDebugStringW
FreeEnvironmentStringsW
TlsAlloc
VirtualFree
GetUserDefaultLCID
FileTimeToSystemTime
TlsFree
VirtualProtect
GetCommandLineA
TlsSetValue
lstrlenA
GetOEMCP
HeapCreate
UnlockFile
GetEnvironmentStrings
WriteConsoleInputA
DeleteFileW
ExitProcess
GetTickCount
ReadConsoleOutputCharacterA
SetEnvironmentVariableA
HeapFree
DeleteCriticalSection
GetModuleFileNameA
GetLocaleInfoW
LoadLibraryA
QueryPerformanceCounter
CompareStringW
VirtualAlloc
SetPriorityClass
GetTimeFormatA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
EnterCriticalSection
GetACP
GetCurrentThread
IsValidCodePage
TlsGetValue
GetStringTypeW
CreateNamedPipeW
GetSystemTimeAsFileTime
EnumSystemLocalesA
ReadConsoleOutputA
lstrcpy
FreeEnvironmentStringsA
GetCPInfo
GetProfileStringW
LCMapStringA
HeapDestroy
WriteFile
LocalUnlock
GetCommandLineW
IsValidLocale
FindResourceExA
GetStdHandle
LeaveCriticalSection
GetDateFormatA
SetHandleCount
InterlockedExchange
GetLastError
WideCharToMultiByte
CompareStringA
HeapSize
GetComputerNameW
CreateProcessW
GetVersionExA
GetStartupInfoW
HeapAlloc
IsBadWritePtr
WriteConsoleOutputAttribute
GetProcAddress
GetStartupInfoA
VirtualQuery
GetModuleHandleA
InitializeCriticalSection
GetEnvironmentStringsW
GetModuleFileNameW

shell32

SHEmptyRecycleBinA
ExtractIconExA
FindExecutableA
DoEnvironmentSubstA
SHLoadInProc
SHGetFileInfoW
SHGetSpecialFolderPathA
DragAcceptFiles
SHFormatDrive
SHBrowseForFolder
SHGetPathFromIDListW
FreeIconList
SHFileOperationA
SHBrowseForFolderW
SHAppBarMessage
SHGetInstanceExplorer
ExtractIconW
SHGetDataFromIDListW
SHGetSettings

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10251538e5d1ebd5bd3052d8878eeaae

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 11KB - Virtual size: 11KB