07ecf81bb0dffb120cf59790cc40cc52_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07ecf81bb0dffb120cf59790cc40cc52_JaffaCakes118
Size

267KB
MD5

07ecf81bb0dffb120cf59790cc40cc52
SHA1

6550a639fe1d799c57bcfb054e8cd19b79622732
SHA256

58ef6a981ae82fafbc259eb9e023657b0a59baf292127bdcff865e95363432d4
SHA512

672d2154d5e50536cf89cbd7187301e7ec2579e0bb9ef965a43adeb76a8b7c978a7a75435b315aefa0a961179bd4019af9c3221d525c536f408f712842d6f28a
SSDEEP

6144:z1Lt2bKKLwwOhVkIcnoO1wNxjENVnM2+x/RXbQ5aQf2:h4uKzO4IcnovQDkJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07ecf81bb0dffb120cf59790cc40cc52_JaffaCakes118

Files

07ecf81bb0dffb120cf59790cc40cc52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb21ee377cbd01e0a13fef8f487ccc0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
ChooseFontA

kernel32

IsValidCodePage
LoadLibraryW
EnterCriticalSection
GetModuleHandleA
Sleep
GetModuleHandleW
MultiByteToWideChar
GetDateFormatA
IsDebuggerPresent
GetLastError
LCMapStringA
GetTimeZoneInformation
GetProcessHeap
GetModuleFileNameW
DosDateTimeToFileTime
GetCurrentThread
SetConsoleCtrlHandler
UnhandledExceptionFilter
GetConsoleTitleW
GetWindowsDirectoryA
ExitProcess
lstrcmp
GetCurrentProcess
GetTickCount
HeapCreate
GetStringTypeA
FreeEnvironmentStringsW
SetEnvironmentVariableA
LeaveCriticalSection
GetOEMCP
GetStartupInfoW
GetLocaleInfoW
GetStartupInfoA
TlsGetValue
SetConsoleWindowInfo
InterlockedDecrement
SetUnhandledExceptionFilter
LCMapStringW
GetLocalTime
OpenEventW
VirtualAlloc
HeapDestroy
TlsSetValue
CompareStringW
FreeLibrary
GetModuleFileNameA
GetLocaleInfoA
GetACP
GetTimeFormatA
GetUserDefaultLCID
GetSystemTimeAsFileTime
InterlockedIncrement
SetLastError
WideCharToMultiByte
TerminateProcess
ExpandEnvironmentStringsA
GetCPInfo
HeapAlloc
HeapSize
GetNamedPipeHandleStateW
LoadLibraryA
VirtualQueryEx
VirtualQuery
GetCommandLineW
TlsFree
TlsAlloc
HeapFree
DeleteCriticalSection
WaitForDebugEvent
GetProcessShutdownParameters
GetProcAddress
InterlockedExchange
OpenEventA
GetStringTypeW
VirtualFree
GetEnvironmentStringsW
CreateProcessW
RtlUnwind
InitializeCriticalSectionAndSpinCount
EnumSystemLocalesA
UnlockFile
IsValidLocale
SetHandleCount
OpenWaitableTimerA
GetFileType
WriteFile
GetStdHandle
HeapReAlloc
CompareStringA
GetCurrentThreadId
CreateDirectoryExA
QueryPerformanceCounter
GetCurrentProcessId

gdi32

PolyTextOutW
DeviceCapabilitiesExA
GetCharWidth32A
StrokeAndFillPath
SetMapMode
GetColorAdjustment
GetCharABCWidthsFloatA
CreateRectRgn

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb21ee377cbd01e0a13fef8f487ccc0a

Headers

File Characteristics

Imports

comdlg32

kernel32

gdi32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 8KB - Virtual size: 36KB

.data Size: 138KB - Virtual size: 137KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 8KB - Virtual size: 36KB

.data
Size: 138KB - Virtual size: 137KB

.rsrc
Size: 8KB - Virtual size: 8KB