0d1f2b632276104e1a55b6c935334787_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d1f2b632276104e1a55b6c935334787_JaffaCakes118
Size

372KB
MD5

0d1f2b632276104e1a55b6c935334787
SHA1

f0db8ac63557ab4d6ad771e9cea7a35950ca1524
SHA256

c0a34c846a2a562bec22131f44735c47174594f160759c553f9297f0715ec635
SHA512

b9c59a8709107b49ee2ea1e1bee8a25ced567fbc21e30282756ea70b7af662855f24d021414f86fa3ec7b99c4ba8ec6bb8630603dcca8dc87ef816d44c6485a6
SSDEEP

6144:7UWYabGWW/ZK475ReZ5eeuqswiLDmeZamfmnnjmUqKPvC25n:7UWYaqWoK4t0Z5ep+WDmI1fumUZ5n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d1f2b632276104e1a55b6c935334787_JaffaCakes118

Files

0d1f2b632276104e1a55b6c935334787_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4be93da1bd35c9f59b0cf6edd70d0b08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

ddraw

DirectDrawCreateEx

kernel32

GetCurrentDirectoryA
GetSystemInfo
OutputDebugStringA
CloseHandle
WriteFile
CreateFileA
GetModuleHandleA
GetTickCount
GetLocaleInfoW
CompareStringW
CompareStringA
LoadLibraryA
GetOEMCP
GetACP
GetModuleFileNameA
InterlockedExchange
SetStdHandle
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
ReadFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
SetCurrentDirectoryA
CreateMutexA
GetLastError
ReleaseMutex
GetDiskFreeSpaceA
FindFirstFileA
OpenProcess
TerminateProcess
Sleep
CopyFileA
DeleteFileA
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapFree
RtlUnwind
RaiseException
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
SetEnvironmentVariableA
MoveFileA
GetFileAttributesA
CreateDirectoryA
RemoveDirectoryA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
HeapAlloc
GetProcAddress
GetCurrentProcess
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
HeapSize
VirtualProtect
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetEndOfFile

user32

LoadImageA
GetWindowRect
ClientToScreen
PostMessageA
GetClientRect
FindWindowA
GetWindowThreadProcessId
SetWindowTextA
SendMessageA
GetSystemMetrics
CreateWindowExA
MessageBoxA
DestroyWindow

gdi32

DeleteObject
CreateCompatibleDC
SelectObject
GetObjectA
StretchBlt
DeleteDC

shell32

ShellExecuteA

Sections

.text
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4be93da1bd35c9f59b0cf6edd70d0b08

Headers

File Characteristics

Imports

comctl32

ddraw

kernel32

user32

gdi32

shell32

Sections

.text Size: 292KB - Virtual size: 292KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 16KB - Virtual size: 241KB

.rsrc Size: 16KB - Virtual size: 36KB

.text
Size: 292KB - Virtual size: 292KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 16KB - Virtual size: 241KB

.rsrc
Size: 16KB - Virtual size: 36KB