081ef53b73030b5b5812fd7107fe572b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

081ef53b73030b5b5812fd7107fe572b_JaffaCakes118
Size

393KB
MD5

081ef53b73030b5b5812fd7107fe572b
SHA1

7da64c498582c302eb7c3751bd80c6f2ea1ae8da
SHA256

424b2ad4b8a7bb4df91bf469b6b0999b2c089efc2d08c1e8a1c075b91f06447a
SHA512

c15f263e6f84f975860e4e92aa4f2806924b45dad35af0fdd09c5deb8ae3efbf013e841b4872290417ee255c8d64d1d7056fa81083a178637ba36b8e11a2f76f
SSDEEP

12288:lD67hbgZ/bnWOzHKIKQGUAeFDQ+Br1imEG/0hQ:0tb2WOEUtaQt0hQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
081ef53b73030b5b5812fd7107fe572b_JaffaCakes118

Files

081ef53b73030b5b5812fd7107fe572b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ac25895b04e2fd1985c8308ac12ecf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetStartupInfoA
CreateProcessA
HeapCreate
GetLastError
CompareStringW
HeapAlloc
SetStdHandle
OutputDebugStringA
IsDebuggerPresent
SetConsoleCtrlHandler
UnhandledExceptionFilter
CompareStringA
FreeLibrary
TlsSetValue
MultiByteToWideChar
TlsFree
GetModuleFileNameW
GetModuleHandleW
GetThreadPriority
LCMapStringW
GetConsoleCP
GetProcessHeap
GetConsoleMode
FindNextFileW
GetStringTypeW
RaiseException
GetLocaleInfoW
GetProcAddress
DebugBreak
GetLocaleInfoA
SetHandleCount
GetDiskFreeSpaceA
GetCommandLineA
lstrlen
GetTimeFormatA
VirtualQuery
IsBadReadPtr
SetFilePointer
IsValidLocale
FreeEnvironmentStringsW
GetUserDefaultLCID
OutputDebugStringW
GetFileType
HeapReAlloc
InterlockedIncrement
ExitProcess
CreateFileA
WideCharToMultiByte
VirtualAlloc
SetLastError
QueryPerformanceCounter
GetCurrentProcess
HeapValidate
GetModuleHandleA
GetDateFormatA
HeapDestroy
HeapSize
GetCurrentThreadId
LCMapStringA
Sleep
GetCPInfo
GetEnvironmentStrings
WriteConsoleW
TlsGetValue
lstrlenA
GetACP
ConnectNamedPipe
GetTickCount
GetStringTypeA
WriteFile
GetCurrentThread
LeaveCriticalSection
IsValidCodePage
RtlUnwind
GetConsoleOutputCP
GetSystemTimeAsFileTime
WriteConsoleA
InterlockedDecrement
EnterCriticalSection
DeleteCriticalSection
GetEnvironmentStringsW
TlsAlloc
GetStdHandle
GetTimeZoneInformation
HeapFree
TerminateProcess
LoadLibraryA
GetOEMCP
SetEnvironmentVariableA
VirtualFree
FreeEnvironmentStringsA
GetModuleFileNameA
LoadLibraryW
FindNextChangeNotification
SetUnhandledExceptionFilter
CloseHandle
InterlockedExchange
GetCurrentProcessId
EnumSystemLocalesA
InitializeCriticalSectionAndSpinCount

comdlg32

GetFileTitleA
ReplaceTextW
ChooseColorW
FindTextA
LoadAlterBitmap
PageSetupDlgW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
ChooseColorA
GetSaveFileNameW
PageSetupDlgA
ChooseFontA
ChooseFontW
FindTextW

user32

PostThreadMessageA
DdeAbandonTransaction
MsgWaitForMultipleObjectsEx
GetWindowThreadProcessId
DefFrameProcA
LockWindowUpdate
ScrollWindowEx
SetWindowWord
GetMenuItemRect
EnumDisplayDevicesW
GetMessageA
DrawIconEx
GetUserObjectSecurity
GetDC
IsDialogMessage
DrawAnimatedRects
GetSysColor
IsDialogMessageW
PostThreadMessageW
wvsprintfA

gdi32

GetEnhMetaFileDescriptionA
CreatePen
StartPage
RemoveFontResourceW
GetRasterizerCaps
SetLayout
GetCurrentPositionEx

Sections

.text
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ac25895b04e2fd1985c8308ac12ecf1

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

gdi32

Sections

.text Size: 231KB - Virtual size: 231KB

.data Size: 150KB - Virtual size: 177KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 231KB - Virtual size: 231KB

.data
Size: 150KB - Virtual size: 177KB

.rsrc
Size: 10KB - Virtual size: 10KB