05ac412368b59611ddb70fae8845366e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05ac412368b59611ddb70fae8845366e_JaffaCakes118
Size

322KB
MD5

05ac412368b59611ddb70fae8845366e
SHA1

314c8ab40047757f5e8ec1d3289930ac1bfb90e3
SHA256

bf300b5fd6a7b18015b5c9282ec42b536f36ad176ae4965849b53fae99fcf89d
SHA512

aa27b792950fb12fc606f8f6f931fa4f34a55058151070e66ed03e7f34a830b291f5253013cdded374bd2ed492bf7e02860b35133d13d3b159b7e3c795a9fa2e
SSDEEP

6144:s6mqec2vdGoVZX3M33aJofM7aqn6NA7gSWctD7UXASVHBK:s1qe9vd773M367a+6igDcD7UX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05ac412368b59611ddb70fae8845366e_JaffaCakes118

Files

05ac412368b59611ddb70fae8845366e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3a2041f9979c353e38b3f1ffae980d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
ChooseColorW
GetOpenFileNameW
ChooseFontA
PageSetupDlgW
ChooseColorA
GetOpenFileNameA
PageSetupDlgA

user32

GetCursorInfo
CreatePopupMenu
IsCharUpperW
ExcludeUpdateRgn
GetAltTabInfo
TabbedTextOutA
MapDialogRect
DestroyAcceleratorTable
DdeQueryConvInfo
AnyPopup
IsDialogMessageW
GetWindowContextHelpId
SetSystemCursor
IsCharUpperA
GetClassNameA
CharLowerA
GetAsyncKeyState
TranslateMessage
GetLastActivePopup
TabbedTextOutW

shell32

SHFileOperationA
SHGetSpecialFolderPathA
SheGetDirA
FindExecutableW
SHFileOperation
SHInvokePrinterCommandW
SHGetNewLinkInfo
SHBrowseForFolderW
DoEnvironmentSubstW
InternalExtractIconListA
ExtractIconW
CheckEscapesW
ShellAboutA
InternalExtractIconListW
CommandLineToArgvW

gdi32

GetTextMetricsW
GetDeviceCaps
CreateFontA
GetEnhMetaFileDescriptionA

kernel32

VirtualQuery
ExitProcess
GetEnvironmentStringsW
InterlockedExchange
GetCommandLineA
ReadConsoleOutputCharacterW
GetEnvironmentStrings
GetProcessHeap
FreeEnvironmentStringsW
Sleep
QueryPerformanceCounter
HeapDestroy
GetTimeZoneInformation
SetConsoleCursorPosition
GetFileType
CompareStringW
GetACP
EnterCriticalSection
GetStdHandle
GetCompressedFileSizeW
IsDebuggerPresent
IsValidCodePage
MultiByteToWideChar
GetLocaleInfoW
SetHandleCount
HeapFree
LCMapStringA
FreeEnvironmentStringsA
GetTimeFormatA
GetLocaleInfoA
HeapSize
GetCurrentProcessId
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
CompareStringA
GetCPInfo
LoadLibraryA
GetVersionExA
GetStringTypeA
TlsSetValue
TlsAlloc
InitializeCriticalSection
WideCharToMultiByte
GetDateFormatA
DeleteCriticalSection
GetUserDefaultLCID
GetLastError
FreeLibrary
UnhandledExceptionFilter
HeapCreate
GetModuleFileNameA
GetOEMCP
WriteFile
TlsFree
GetStartupInfoA
SetConsoleCtrlHandler
GetProcAddress
InterlockedDecrement
VirtualFree
LeaveCriticalSection
HeapReAlloc
SetEnvironmentVariableA
TlsGetValue
InterlockedIncrement
GetTickCount
GetStringTypeW
LCMapStringW
VirtualAlloc
TerminateProcess
EnumSystemLocalesA
SetUnhandledExceptionFilter
GetModuleHandleA
IsValidLocale
LocalUnlock
GetCurrentProcess
SetLastError
GetCurrentThread
GetCurrentThreadId

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3a2041f9979c353e38b3f1ffae980d1

Headers

File Characteristics

Imports

comdlg32

user32

shell32

gdi32

kernel32

Sections

.text Size: 134KB - Virtual size: 134KB

.data Size: 172KB - Virtual size: 200KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 134KB - Virtual size: 134KB

.data
Size: 172KB - Virtual size: 200KB

.rsrc
Size: 15KB - Virtual size: 14KB