1aeda6ec35f1076db6b88da73f670640_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1aeda6ec35f1076db6b88da73f670640_JaffaCakes118
Size

160KB
MD5

1aeda6ec35f1076db6b88da73f670640
SHA1

8c77c2a2ed7e7d800b266fb09c03d913e863771d
SHA256

226d19ed695c9b68d08266d31b7260129846f8c24096b6b6f52d6f3a47e5203a
SHA512

17c2a05cf4e8f0616c5e31d1b41c083b95583510962a4c08c0743656f0d69e9a8886f9dc3eadc1314b323db6dc82fe9cf5b2cb0c41876efcf11e941a80231fa0
SSDEEP

3072:uv/1tNNdyaiRScHtelmKjXgMmMSRwA0zhL4cLMw5YQHGgUpJLxM5:uvvd2Nh8XgMmNczTMAY0kpZE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

1aeda6ec35f1076db6b88da73f670640_JaffaCakes118

resource
1aeda6ec35f1076db6b88da73f670640_JaffaCakes118

Files

1aeda6ec35f1076db6b88da73f670640_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37210f01ddcb5d48c23a137f6b5bac21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
lstrlenA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
CloseHandle
FreeConsole
WriteConsoleA
VerLanguageNameA
Sleep
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeW

user32

PostQuitMessage
MessageBoxA
UpdateWindow
GetSysColor
CallWindowProcA
LoadMenuA
KillTimer
SetFocus
CreateWindowExA
ShowWindow
InsertMenuA
GetWindowLongA
DefWindowProcA

gdi32

SelectObject
CreateDIBitmap
RealizePalette
DeleteObject
GetFontData

comdlg32

ChooseFontA

shell32

SHGetFileInfoA
ShellExecuteA

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37210f01ddcb5d48c23a137f6b5bac21

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 132KB - Virtual size: 130KB

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 132KB - Virtual size: 130KB