12f13fc6d9c3ab2fd2a479d66568abad_JaffaCakes118

General

Target

12f13fc6d9c3ab2fd2a479d66568abad_JaffaCakes118
Size

106KB
MD5

12f13fc6d9c3ab2fd2a479d66568abad
SHA1

1505c821a2c1c16b8955acfacde804a80a47eb51
SHA256

05dfd2e88175e3f8c0caabacd33cc07bd1b16797d776cec31c30bdc39eabbc4c
SHA512

2a4d84014b6a722336460eace4a3ade91322d8dc0602cadb6f3effabb814ae44723ed95f25ce9b3b4400d2a50542c95396115bd9de8360461e29da89d349567b
SSDEEP

1536:0qChZaK+1R3hHqDxqYf7oN5zXINrbFSjjMJp1xQAKc1jrEE:7yEK+1R3Mxq27oN5DjjMjgAdr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12f13fc6d9c3ab2fd2a479d66568abad_JaffaCakes118

Files

12f13fc6d9c3ab2fd2a479d66568abad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb02e67263a21611e4cbac1ed8b3d4f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

mapi32

BMAPIAddress
BMAPIAddress
BMAPIDetails
BMAPIFindNext
BMAPIGetAddress
BMAPIGetReadMail
BMAPIReadMail
BMAPIResolveName
BMAPISaveMail
BMAPISendMail
BuildDisplayTable@40
CbOfEncoded@4
CchOfEncoding@4
ChangeIdleRoutine@28
CloseIMsgSession@4
CreateIProp@24
CreateTable@36
DeinitMapiUtil@0
DeregisterIdleRoutine@4
DllCanUnloadNow
DllGetClassObject
EnableIdleRoutine@8
EncodeID@12
FBadColumnSet@4
FBadEntryList@4
FBadProp@4
FBadPropTag@4

imm32

ImmGetContext
ImmLockClientImc
ImmIsIME
ImmInstallIMEW
ImmLockIMC
ImmLockIMCC
ImmLockImeDpi
ImmNotifyIME
ImmRegisterClient
ImmRegisterWordA
ImmRegisterWordW
ImmEnumInputContext
ImmEnumRegisterWordA
ImmEnumRegisterWordW
ImmCreateIMCC
ImmActivateLayout
ImmDisableIME
ImmGenerateMessage
ImmGetAppCompatFlags
ImmGetCandidateListA
ImmGetCandidateListCountA
ImmGetCandidateListCountW
ImmGetCandidateListW
ImmGetCandidateWindow
ImmGetCompositionFontA
ImmGetCompositionFontW
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmGetCompositionWindow
ImmGetContext
ImmGetConversionListA

kernel32

GetLastError
CreateFileA
GetEnvironmentVariableA
GetACP
OutputDebugStringW
AttachConsole
SetThreadLocale
HeapSetInformation
CreateRemoteThread
QueryDosDeviceA
LZRead

gdi32

CloseFigure
CloseFigure
CloseFigure
CloseFigure
CloseFigure
CloseFigure
CloseFigure
CloseFigure
CloseFigure
CloseFigure
CloseFigure
CloseFigure

Sections

.text
Size: 31KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb02e67263a21611e4cbac1ed8b3d4f7

Headers

File Characteristics

Imports

mapi32

imm32

kernel32

gdi32

Sections

.text Size: 31KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 19KB

.rsrc Size: 51KB - Virtual size: 52KB

.text
Size: 31KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 19KB

.rsrc
Size: 51KB - Virtual size: 52KB