f8a504315004374cbc7bc91ee3c5aac6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f8a504315004374cbc7bc91ee3c5aac6_JaffaCakes118
Size

402KB
MD5

f8a504315004374cbc7bc91ee3c5aac6
SHA1

d30c8cb8eea8ff0e6e63ad62cfacb3ce18299c06
SHA256

7c8ca3ab7a17e6ec73f95f3ff1bbc64059a92eb70ecba7d02d647dcae930c649
SHA512

ddd697bea2969212212529024cc1cea06ca1c52b68299475b84640c5fca407741c63f9432da0f9ebd7ab70f1ac52e43e35b210f6a5788d5ca190f2da4bb7a3c5
SSDEEP

12288:ORHOJId6AZnmHiyeAMzLJkfNWOrHRUxbxHZyyEFslT3:Od6hC/PJiYOab5Z3EKlT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8a504315004374cbc7bc91ee3c5aac6_JaffaCakes118

Files

f8a504315004374cbc7bc91ee3c5aac6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e0cb33fbf38d4fbecc5efb2d7bd69b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
PageSetupDlgA
ReplaceTextA
ChooseColorA
GetOpenFileNameW
ChooseColorW
ChooseFontA
GetFileTitleW
ChooseFontW
LoadAlterBitmap
FindTextA
GetSaveFileNameW
GetSaveFileNameA
PrintDlgW
PageSetupDlgW
GetFileTitleA
PrintDlgA
ReplaceTextW

gdi32

EndDoc
GetWindowExtEx
Chord
GetCharacterPlacementA
CreateBitmap
CreatePolyPolygonRgn
SetStretchBltMode
ResizePalette
LineTo

user32

EnableWindow
IsDlgButtonChecked
EndTask
RedrawWindow
DefMDIChildProcW
LookupIconIdFromDirectory
CharLowerA
CallMsgFilter
DdeCreateDataHandle
CopyImage
GetComboBoxInfo
EnumWindowStationsA
GetDCEx
ShowCaret
SetKeyboardState
GetWindowTextLengthW
DialogBoxIndirectParamA
SendIMEMessageExA

wininet

LoadUrlCacheContent
InternetReadFileExA
FindFirstUrlCacheContainerA
ShowCertificate
InternetGetCookieA
InternetGoOnline
UnlockUrlCacheEntryFileW
FtpCreateDirectoryW
FtpDeleteFileA
SetUrlCacheConfigInfoW
InternetGetCertByURL
InternetQueryOptionA
FtpSetCurrentDirectoryA
RetrieveUrlCacheEntryStreamW
FtpRemoveDirectoryA
InternetDialW
FtpPutFileA
InternetCanonicalizeUrlA
HttpSendRequestExW

kernel32

GetModuleHandleA
GetThreadPriorityBoost
LoadLibraryA
GetModuleHandleW
HeapAlloc
RtlUnwind
QueryPerformanceCounter
GetProfileStringA
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
HeapReAlloc
ExitProcess
VirtualAlloc
FreeResource
TerminateProcess
TransmitCommChar
GetCurrentProcessId
GetCurrentProcess
InterlockedExchange
VirtualQuery
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
GetTickCount
GetSystemTimeAsFileTime
HeapFree
CommConfigDialogW

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e0cb33fbf38d4fbecc5efb2d7bd69b7

Headers

File Characteristics

Imports

comdlg32

gdi32

user32

wininet

kernel32

Sections

.text Size: 127KB - Virtual size: 127KB

.data Size: 264KB - Virtual size: 263KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 127KB - Virtual size: 127KB

.data
Size: 264KB - Virtual size: 263KB

.rsrc
Size: 10KB - Virtual size: 9KB