43d27556d55814dc7bc7fee59074e930_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43d27556d55814dc7bc7fee59074e930_JaffaCakes118
Size

119KB
MD5

43d27556d55814dc7bc7fee59074e930
SHA1

b9680af027b794bfb52c6be9520035f827797c89
SHA256

1210eda8ec6437c88d497e1c1c331ff72b1951a92ec1f0c72532a11b4b6e7836
SHA512

5f92871a8d5daa8d3cddc8a59692abd33e9efddf2d61fee32c27c54a545f044bc3bc47c9d4da4af5d452291c8b9f501dbac43f78b58d2ed70b29fc625fe9242d
SSDEEP

1536:MlubJiieFo18g1vJsmRlI13rE3jb5r4ZHBm3eFWyzzbf6f9sV5Fy1DqMuH9:9idFc8i6j13oSZhN5znS85Fy1uM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43d27556d55814dc7bc7fee59074e930_JaffaCakes118

Files

43d27556d55814dc7bc7fee59074e930_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d665096b8b825fd73206c1eea2f42ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
SetErrorMode
GetCommandLineW
VirtualQuery
GetSystemInfo
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetVolumeLabelW
GetNumberFormatW
GetVolumeInformationA
CreateWaitableTimerA
Heap32ListFirst
lstrcpy
GetDiskFreeSpaceW
SetLocaleInfoA
QueryDosDeviceA
GetCommConfig
SwitchToThread
CreateDirectoryW
CreateJobObjectW
BuildCommDCBA
FindFirstVolumeW
DnsHostnameToComputerNameA
SetConsoleTextAttribute
GetTempFileNameW
GetTapeStatus
OpenMutexA
OutputDebugStringW
DeleteFileA
FormatMessageA
FillConsoleOutputCharacterA
GetFileSizeEx
OpenWaitableTimerA
SetComputerNameExA
LoadResource
SetComputerNameW
GlobalFlags
CreateEventA
WriteConsoleInputW
GetPrivateProfileStringA
InterlockedDecrement
GetSystemDefaultLangID
GlobalFree
GetThreadSelectorEntry
SetThreadContext
GlobalUnWire
EnumResourceTypesW
CreateFileA
SetConsoleCursorInfo
LocalUnlock
GetBinaryTypeW
GetLargestConsoleWindowSize
VirtualFreeEx
WriteProfileSectionA
GetUserDefaultLangID
GetProcessVersion
PurgeComm
CreateTapePartition
SetSystemTimeAdjustment
ConvertDefaultLocale
SetFileApisToANSI
SetTapeParameters
WaitForMultipleObjectsEx
GetVolumePathNameA
GetFileAttributesExW
_lread
EnumTimeFormatsA
GetConsoleWindow
OpenProcess
SetFileAttributesW
Process32First
Module32FirstW
CreateJobObjectA
ClearCommError
EnumResourceLanguagesA
SearchPathW
SetupComm
FlushViewOfFile
GetLongPathNameW
GetDateFormatW
ChangeTimerQueueTimer
PeekConsoleInputA
GetWriteWatch
GetComputerNameA
Beep
SetVolumeLabelA
VerLanguageNameA
SetCalendarInfoW
ExitThread
EnumResourceTypesA

user32

LoadIconA
LoadCursorW
RegisterClassW
CreateWindowExW
DefWindowProcW
LoadIconW
DestroyWindow

gdi32

GetStockObject

msvcrt

memcpy

advapi32

RegOpenKeyW

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d665096b8b825fd73206c1eea2f42ac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 512B - Virtual size: 4B

.data Size: 91KB - Virtual size: 91KB

.data2 Size: 14KB - Virtual size: 13KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 716B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 4B

.data
Size: 91KB - Virtual size: 91KB

.data2
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 716B