03ed57a250ad27510d98857431ca56bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03ed57a250ad27510d98857431ca56bc_JaffaCakes118
Size

331KB
MD5

03ed57a250ad27510d98857431ca56bc
SHA1

af384eff199adfaeb31563b26e695e3fa32bb9e8
SHA256

5b4d15a6b2e8ae40fef64cc3415ab63f6b70885146b191ec75f00f8785862666
SHA512

b6148df30292ba5a31452c7789c355b317decce8f32a9c59a4677fc5a2f2bddacb74b36661c2ce62064973ce3db4d95a5fc9813f0749f4244c93d00fb119fc8a
SSDEEP

6144:4tTWo9xRn3yxKmfGFKjf/0O5QOD8RqtGhGwJyBc:4tConRnixKEf/0Ob8phGdBc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03ed57a250ad27510d98857431ca56bc_JaffaCakes118

Files

03ed57a250ad27510d98857431ca56bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14f7a1496c0f57963d3bef720b7b6df1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

gdi32

PolylineTo
GetCurrentPositionEx
SetWindowExtEx
PlayMetaFile
SetTextCharacterExtra
AngleArc
PtVisible
SetBoundsRect
EnumFontFamiliesA

user32

MessageBoxIndirectA
CopyRect
GetMonitorInfoW
RemoveMenu
LoadCursorA
RealChildWindowFromPoint
SetSystemCursor
InflateRect
EnumDisplayMonitors
IntersectRect
BroadcastSystemMessage
GetUpdateRect
GetCapture
MessageBoxExW
DlgDirListW
RegisterClassExA
RegisterClassA
SetPropW
SetDlgItemTextA
DrawIconEx
SetFocus
DdeQueryStringA
WaitForInputIdle
ToAsciiEx
GetMenuItemRect
MessageBoxA
CallMsgFilterA

advapi32

RegQueryValueExA
RegEnumValueW
CryptGenKey
RegQueryMultipleValuesA

kernel32

HeapDestroy
VirtualFree
Sleep
GetCurrentThreadId
GetConsoleCP
LCMapStringA
WriteFile
GetCurrentThread
TlsFree
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
GetTickCount
LeaveCriticalSection
CompareStringA
SetLastError
RtlUnwind
GetTimeFormatA
GetModuleHandleA
GetPrivateProfileStructW
UnhandledExceptionFilter
DeleteCriticalSection
SetStdHandle
GetTimeZoneInformation
FlushFileBuffers
GetStartupInfoA
GetModuleHandleW
HeapAlloc
IsDebuggerPresent
InterlockedIncrement
GetUserDefaultLCID
TerminateProcess
IsValidLocale
VirtualProtect
GetDateFormatA
GetCPInfo
GetCommandLineA
SetEnvironmentVariableA
OpenMutexA
TlsAlloc
CompareStringW
LoadLibraryA
WideCharToMultiByte
CreateFileA
WriteConsoleA
GetACP
SetUnhandledExceptionFilter
EnterCriticalSection
GetConsoleMode
InterlockedDecrement
VirtualQuery
SetHandleCount
HeapFree
GetSystemTimeAsFileTime
GetOEMCP
IsValidCodePage
GetLastError
CloseHandle
EnumSystemLocalesA
FreeLibrary
GetLocaleInfoA
GetProcAddress
FreeEnvironmentStringsA
GetStringTypeW
TlsSetValue
GetFileType
GetStringTypeA
LCMapStringW
VirtualAlloc
GetConsoleOutputCP
HeapCreate
ReadFile
HeapSize
GetEnvironmentStrings
GetStdHandle
ExitProcess
SetFilePointer
QueryPerformanceCounter
GetEnvironmentStringsW
WriteConsoleW
GetCurrentProcessId
CreateMutexA
TlsGetValue
GetLocaleInfoW
InterlockedExchange
MultiByteToWideChar
SetConsoleCtrlHandler
FreeEnvironmentStringsW
HeapReAlloc

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14f7a1496c0f57963d3bef720b7b6df1

Headers

File Characteristics

Imports

comctl32

gdi32

user32

advapi32

kernel32

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 10KB - Virtual size: 38KB

.data Size: 148KB - Virtual size: 147KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 10KB - Virtual size: 38KB

.data
Size: 148KB - Virtual size: 147KB

.rsrc
Size: 5KB - Virtual size: 4KB