Static task
static1
Behavioral task
behavioral1
Sample
f03ec6bc9c336fac11a26114bd3f987b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f03ec6bc9c336fac11a26114bd3f987b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
f03ec6bc9c336fac11a26114bd3f987b_JaffaCakes118
Size
454KB
MD5
f03ec6bc9c336fac11a26114bd3f987b
SHA1
3e3cc9071528b9959d3fcc11d7182a7b69510039
SHA256
22701e3e1f1b560bd9980306b3dcd03e75e0f4340625ac19af57ef0d90b2a70c
SHA512
29f571df3c15bb17af9fe8d942b574d0b96729c85692b4243b23f08664ab25d0e5f9b236692c2723d8be9283fc608ec0efbc6d1905b8f74c6edf0a1d374993e3
SSDEEP
6144:6fFMU5fHe486G8ZutGfLjDLYXDvf7hhav0TwoSWPIOv/r5AJei4B74I:6mUFx8unDLYTX7h8KSWjH2UX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f03ec6bc9c336fac11a26114bd3f987b_JaffaCakes118
Files
f03ec6bc9c336fac11a26114bd3f987b_JaffaCakes118.exe windows:4 windows x86 arch:x86
e7d8aaa13d0b313d3f2698e8ab5455a4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
CopyFileW
FindClose
GetCurrentProcessId
DeleteFileA
GetCurrentThread
WaitForSingleObject
SetLocaleInfoW
CopyFileA
OpenSemaphoreW
GetFileAttributesA
GetModuleHandleW
DuplicateHandle
GetFileType
OpenMutexW
GetModuleHandleA
DeleteFileW
SetThreadLocale
GetCurrentThreadId
GetCurrentProcess
OpenSemaphoreA
OpenEventA
OpenMutexA
DosDateTimeToFileTime
GetACP
SetLocaleInfoA
LoadLibraryA
CompareStringA
OpenEventW
CreateFileA
GetFileAttributesW
GetFileSize
CompareStringW
SetStdHandle
CloseHandle
SetFilePointer
FlushFileBuffers
GetProcAddress
GetOEMCP
GetCPInfo
VirtualAlloc
GetStartupInfoA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
HeapAlloc
HeapFree
TerminateProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
DeleteCriticalSection
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
user32
GetWindowTextA
FindWindowExW
GetMenu
GetClipboardData
FindWindowA
DeleteMenu
FindWindowW
CreateWindowExA
CreatePopupMenu
FindWindowExA
GetWindowTextW
GetWindowTextLengthA
CreateWindowExW
GetWindowTextLengthW
IsWindow
Sections
.text Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 256KB - Virtual size: 253KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ