157b6f9eca2e4fd802db558c9f823320_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

157b6f9eca2e4fd802db558c9f823320_JaffaCakes118
Size

420KB
MD5

157b6f9eca2e4fd802db558c9f823320
SHA1

73e0b1bbdaeff266be0afa2c20a19d2d46ad0115
SHA256

841a8fb10bc7cd620db34e719250c304e44a9ff45e3d0bfd09cb7b252a94eafb
SHA512

f23426c12a579895cce319f89543ea9bcd9f41fa32a3b4cb0a29f399c2f8c7cdb423be4d7ca2e2449b59daca7c1ea86ab653924cbabbfcf8137d7d3c9512db6f
SSDEEP

6144:LgLCvkV1bB4cBhy0SkhzGInbDFQxRHO3IMO01yl6nHGEI8eWXJuX2wtKzC:EakVhOcu0SkhzGWIi1WKXJEno

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
157b6f9eca2e4fd802db558c9f823320_JaffaCakes118

Files

157b6f9eca2e4fd802db558c9f823320_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9af61587f20ff6d3edd8505349c594c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GetUserDefaultLCID
WaitForSingleObjectEx
VirtualQueryEx
GetStartupInfoA
GetCalendarInfoW
HeapAlloc
LoadLibraryA
TlsGetValue
MultiByteToWideChar
VirtualFree
EnumCalendarInfoA
RemoveDirectoryW
GetACP
TlsAlloc
TlsFree
FreeEnvironmentStringsW
GetStringTypeW
GetTimeFormatA
GetEnvironmentStrings
SetLastError
GetDateFormatA
GetTimeZoneInformation
GetEnvironmentStringsW
GetProfileStringA
HeapDestroy
UnhandledExceptionFilter
GetStringTypeA
GetProcAddress
CompareStringW
GetStdHandle
HeapFree
OpenEventA
GetCurrentThread
WritePrivateProfileStructA
HeapSize
VirtualQuery
LeaveCriticalSection
WriteFile
SetEnvironmentVariableA
FreeLibrary
InterlockedDecrement
TlsSetValue
GetProcessHeap
HeapReAlloc
LCMapStringW
ExitProcess
CompareStringA
WritePrivateProfileSectionW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidCodePage
GetModuleHandleA
GetLocaleInfoA
InterlockedIncrement
IsDebuggerPresent
GetCurrentThreadId
SetHandleCount
WideCharToMultiByte
GetCommandLineA
GetLocaleInfoW
GetCurrentProcessId
GetModuleFileNameA
IsValidLocale
GetCPInfo
WritePrivateProfileSectionA
GetTickCount
HeapCreate
EnumSystemLocalesA
GetLastError
Sleep
SetConsoleCtrlHandler
RtlUnwind
GetFileType
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringA
EnterCriticalSection
DeleteCriticalSection
GetOEMCP
SetUnhandledExceptionFilter
GetVersionExA
InitializeCriticalSection

gdi32

StartDocA
CloseMetaFile
RectInRegion
GetGlyphOutlineA
UpdateICMRegKeyW
GetColorAdjustment
GetKerningPairsA
PlayMetaFileRecord
GetWindowExtEx
OffsetClipRgn
CopyMetaFileA

comdlg32

GetFileTitleA
FindTextW
ChooseFontW
PageSetupDlgW
PageSetupDlgA
ReplaceTextA
GetOpenFileNameW
GetSaveFileNameA
PrintDlgA
GetFileTitleW
ReplaceTextW
ChooseColorA
GetOpenFileNameA
FindTextA
LoadAlterBitmap
ChooseColorW

user32

IntersectRect

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9af61587f20ff6d3edd8505349c594c

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

user32

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 275KB - Virtual size: 295KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 275KB - Virtual size: 295KB

.rsrc
Size: 8KB - Virtual size: 7KB