f8dd93d48dc08456718d0719524952f4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f8dd93d48dc08456718d0719524952f4_JaffaCakes118
Size

361KB
MD5

f8dd93d48dc08456718d0719524952f4
SHA1

0e7bd4b4413f7a3bd0be0f4df9f17b8b5a386723
SHA256

82bbfac713fd23ae9f7e556cecfe642178112ea0fa382d1bf837f63286399247
SHA512

e5c2721220ef55024282c21ebcee0cb7d7ff08521e26bd69730c22616cac7d44a7295e3df67ff0d9e0f37eb42a585958022d47656c982176eaf83ecc283f2ce4
SSDEEP

6144:aTCDlHgzqAOjwMhvi/+A92elAkAF/QPOpIAYZGlueADXVo4c:aTo5A0PAselK9QWpIAYZGlueUVo4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8dd93d48dc08456718d0719524952f4_JaffaCakes118

Files

f8dd93d48dc08456718d0719524952f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14d67f2fc84c2039c69352c340d9bcaf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

kernel32

SetStdHandle
GetCurrentThread
OpenMutexA
VirtualAlloc
FreeEnvironmentStringsA
GetStartupInfoA
WideCharToMultiByte
HeapCreate
EnterCriticalSection
GetOEMCP
IsDebuggerPresent
GetDateFormatA
TlsGetValue
GetProcAddress
GetTimeZoneInformation
QueryPerformanceCounter
GetTimeFormatA
IsValidCodePage
SetEnvironmentVariableA
FreeLibrary
RtlUnwind
FreeEnvironmentStringsW
OpenSemaphoreW
GetModuleFileNameA
DeleteCriticalSection
UnhandledExceptionFilter
GetUserDefaultLCID
SetFilePointer
GetStringTypeW
TerminateProcess
GetLocaleInfoW
HeapAlloc
GetLocaleInfoA
GetStringTypeA
SetUnhandledExceptionFilter
WriteConsoleW
GetConsoleCP
LeaveCriticalSection
SetHandleCount
HeapSize
Sleep
HeapDestroy
TlsAlloc
HeapReAlloc
GetConsoleMode
GetCommandLineA
GetTickCount
LCMapStringW
GetModuleHandleA
CreateMutexA
ExitProcess
GetLastError
TlsSetValue
GetEnvironmentStringsW
WriteConsoleA
VirtualQuery
EnumSystemLocalesA
WriteFile
GetSystemTimeAsFileTime
CompareStringW
CompareStringA
GetConsoleOutputCP
IsValidLocale
MultiByteToWideChar
GetCurrentThreadId
InterlockedExchange
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
GetEnvironmentStrings
CreateFileA
LoadLibraryA
LCMapStringA
GetCPInfo
SetConsoleCtrlHandler
ReadFile
FormatMessageW
HeapFree
InterlockedDecrement
FlushFileBuffers
GetACP
SetLastError
TlsFree
GetModuleHandleW
VirtualFree
InterlockedIncrement
CloseHandle
GetCurrentProcessId
GetStdHandle
GetFileType

gdi32

CancelDC
GetDIBits
EnumFontFamiliesA
SetColorAdjustment
GetICMProfileW
CreateColorSpaceA
DeleteEnhMetaFile
GetBitmapBits
StartDocA
DeviceCapabilitiesExW
SetBitmapDimensionEx
ScaleWindowExtEx
EndPage
GetSystemPaletteUse
GetCharWidthA
SetPolyFillMode
GetObjectType
SetDIBColorTable
GetDeviceCaps
SetWindowExtEx
SelectObject
ArcTo
CreateEnhMetaFileW
SetBitmapBits
ExtSelectClipRgn

user32

GetMenuCheckMarkDimensions
ShowCaret
TrackPopupMenu
OemKeyScan
GetMessageA
SetWindowRgn
GetMenuState
DdeFreeDataHandle
RegisterClassA
SetParent
GetDesktopWindow
ReuseDDElParam
RegisterClassExA
GetTitleBarInfo
RegisterClipboardFormatA
GetKeyNameTextA
DrawAnimatedRects
EqualRect

comctl32

InitCommonControlsEx

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14d67f2fc84c2039c69352c340d9bcaf

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

comctl32

Sections

.text Size: 221KB - Virtual size: 220KB

.rdata Size: 32KB - Virtual size: 49KB

.data Size: 93KB - Virtual size: 92KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 221KB - Virtual size: 220KB

.rdata
Size: 32KB - Virtual size: 49KB

.data
Size: 93KB - Virtual size: 92KB

.rsrc
Size: 14KB - Virtual size: 13KB