6258d3dea8d3f54b1491b6a923615de2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6258d3dea8d3f54b1491b6a923615de2_JaffaCakes118
Size

116KB
MD5

6258d3dea8d3f54b1491b6a923615de2
SHA1

017a5b2a93319d40621fa7b5587cb57f0df90004
SHA256

1dccc8f325bd4c7f2cc4aa174ff6e54efd3f0c9e9a5327148f90d6d3d985d28b
SHA512

584e3b1893bf8287f23a4b340bf1fe260dc1cfc0fa8af4c9af6cfc75b0980a7a1f96f41edc9ab1989060ec497707a725db5e12d79a6dffbf4179e050ea6b6440
SSDEEP

3072:HChC6NAN/FuTmngEyyIVVo8CVGp1bnrGL0Tk6:H0CTN/gTagEyxt6GX40Tk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
6258d3dea8d3f54b1491b6a923615de2_JaffaCakes118

Files

6258d3dea8d3f54b1491b6a923615de2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cce7bbce77610b9130eb5d1f4d659541

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetProcAddress
HeapSize
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLastError
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
SetFilePointer
FlushFileBuffers
CloseHandle
LoadLibraryExA
ReadFile
GetEnvironmentStrings
WideCharToMultiByte
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
SetStdHandle

user32

DefWindowProcA
GetClientRect
InvalidateRect
DestroyWindow
BeginPaint
DrawTextA
EndPaint
PostQuitMessage
CreateWindowExA
LoadIconA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
ShowWindow
GetSysColorBrush
GetSysColor
FillRect
ReleaseCapture
PtInRect
LoadCursorA
SetCursor
UpdateWindow
SetCapture
CheckRadioButton
SetDlgItemInt
GetSystemMenu
AppendMenuA
SetMenuDefaultItem
GetDC
DrawEdge
IsDlgButtonChecked
ReleaseDC
EndDialog
DialogBoxParamA

gdi32

RealizePalette
CreateHalftonePalette
SelectPalette
StretchDIBits
BeginPath
MoveToEx
LineTo
EndPath
StrokeAndFillPath
CreateBrushIndirect
Ellipse
CreatePen
Rectangle
SetROP2
CreateSolidBrush
SelectObject
SetBkColor
DeleteObject
LPtoDP
GetPixel

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce7bbce77610b9130eb5d1f4d659541

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 36KB - Virtual size: 34KB