04300a64c7b5de79239a96d544e36cb0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04300a64c7b5de79239a96d544e36cb0_JaffaCakes118
Size

473KB
MD5

04300a64c7b5de79239a96d544e36cb0
SHA1

5890f4af72f2478a84c55ab9fc0864537f2dfbe3
SHA256

d2bb12a036a3d1ea97b490efc657a194b961b2a74628600129ce490097ed4190
SHA512

00b16be4c63c5fa7f6cf62b7a57de2e661f0136560ed3269a7beaa0dc253f9b418035bcb410439954c4006a1f05984f046a37c163ffa46a227a5f8cabad8045f
SSDEEP

12288:sbK+VrSmVHgtp7nZGlUfCShT3DvNC8A1/LQ+fP2:sJVrt5gtFZGCCShTTvs82Lj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04300a64c7b5de79239a96d544e36cb0_JaffaCakes118

Files

04300a64c7b5de79239a96d544e36cb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd3370b30c6e1dbafeaa870d65dbdd88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetNearestPaletteIndex
GetMetaFileW
SetTextColor
MoveToEx
CreateCompatibleBitmap
GetClipRgn
SetWindowExtEx
CreateRectRgnIndirect

user32

DefDlgProcA
CharUpperW
TabbedTextOutA
ShowWindowAsync
GetMessageA
GetLastActivePopup
SetWindowsHookExW
GetMenuItemRect
PostThreadMessageA
GetMenuStringA
RegisterClassA
RegisterClassExA
DdeCreateStringHandleA
IsWindowUnicode

kernel32

TlsFree
GetCurrentThread
TlsAlloc
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
TerminateProcess
GetProcAddress
GetModuleHandleW
VirtualQuery
CompareStringA
IsDebuggerPresent
TlsSetValue
SetFilePointer
SetStdHandle
GetStringTypeA
GetStringTypeW
CreateFileA
GetConsoleOutputCP
GetFileAttributesW
GetConsoleMode
Sleep
GetTimeZoneInformation
GetModuleFileNameA
WriteConsoleA
SetHandleCount
GetFileAttributesExA
GetModuleHandleA
GetDriveTypeA
LCMapStringW
GetLocaleInfoA
WideCharToMultiByte
CreateMutexA
EnterCriticalSection
EnumSystemLocalesA
TlsGetValue
DeleteCriticalSection
ReadFile
HeapDestroy
GetFileType
VirtualFree
HeapSize
SetLastError
OpenMutexA
GetConsoleTitleW
FreeLibrary
FoldStringW
HeapReAlloc
GetACP
ExitProcess
CloseHandle
InterlockedDecrement
PulseEvent
GetOEMCP
GetDateFormatA
FreeEnvironmentStringsA
lstrcmpW
GlobalUnfix
ExitThread
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCurrentProcessId
GetTimeFormatA
IsValidCodePage
HeapFree
GetCalendarInfoW
GetCPInfo
GetLocaleInfoW
QueryPerformanceCounter
FreeEnvironmentStringsW
GetCurrentProcess
VirtualAlloc
ConnectNamedPipe
HeapAlloc
GetConsoleCP
VirtualProtectEx
InterlockedIncrement
GetStartupInfoA
HeapCreate
SetVolumeLabelA
GetStdHandle
GlobalFindAtomW
GetTickCount
SetEnvironmentVariableA
GetTempPathW
GetLastError
WritePrivateProfileStructA
WriteConsoleW
InterlockedExchange
GetSystemTimeAsFileTime
OpenEventW
CompareStringW
GetCommandLineA
IsValidLocale
LCMapStringA
ReadConsoleInputW
LeaveCriticalSection
GetUserDefaultLCID
SetUnhandledExceptionFilter
SetConsoleTitleA
SetConsoleCtrlHandler
WriteFile
UnhandledExceptionFilter
FlushFileBuffers
MultiByteToWideChar
EnumDateFormatsA
RtlUnwind

comctl32

InitCommonControlsEx

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd3370b30c6e1dbafeaa870d65dbdd88

Headers

File Characteristics

Imports

gdi32

user32

kernel32

comctl32

Sections

.text Size: 240KB - Virtual size: 239KB

.rdata Size: 10KB - Virtual size: 22KB

.data Size: 212KB - Virtual size: 211KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 240KB - Virtual size: 239KB

.rdata
Size: 10KB - Virtual size: 22KB

.data
Size: 212KB - Virtual size: 211KB

.rsrc
Size: 10KB - Virtual size: 9KB