228a9e3d89da07fb16b2ee20a4b08136_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

228a9e3d89da07fb16b2ee20a4b08136_JaffaCakes118
Size

443KB
MD5

228a9e3d89da07fb16b2ee20a4b08136
SHA1

0c6af8337a18a401165cca5492542913aa56f6c1
SHA256

75c18f6fbf49e0b523c2e77a174dd8ca56e8ed150a8fe5378cf7ea68fd75d81b
SHA512

1df556673fc2cd05b973fc91966887c01587e2561ee0d303dbfaa4c50cd950af95b91e9b792a89018c77ec0af1949d81fa72694a0bac042af3dbf3acf7b3c1f8
SSDEEP

6144:DyErmDfw+j1iilzj4dS/wGG3B9DuRPOtard9b9FFYHcC3ZVcIQ+1r3ChqAKLhx:Dyqm0wf7IGG3BRkOtafFYHr0+BFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
228a9e3d89da07fb16b2ee20a4b08136_JaffaCakes118

Files

228a9e3d89da07fb16b2ee20a4b08136_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5fbda41f5f7cae97243b8aa6336c3f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GetUserDefaultLCID
GetVolumeInformationW
SetConsoleTitleA
GetStartupInfoA
SetConsoleCP
HeapAlloc
LoadLibraryA
TlsSetValue
SetConsoleCtrlHandler
WideCharToMultiByte
SetEnvironmentVariableA
GetModuleHandleW
GetACP
TlsFree
TlsGetValue
FreeEnvironmentStringsW
GetStringTypeW
GetTimeFormatA
WriteConsoleA
Sleep
GetDateFormatA
GetTimeZoneInformation
GetEnvironmentStrings
WriteConsoleOutputAttribute
HeapSize
VirtualFree
GetStringTypeA
GetProcAddress
CompareStringW
GetStdHandle
HeapFree
SetCurrentDirectoryA
GetCurrentThread
EnumSystemCodePagesW
InitializeCriticalSectionAndSpinCount
VirtualQuery
MultiByteToWideChar
InterlockedDecrement
SetLastError
FreeLibrary
InterlockedIncrement
UnhandledExceptionFilter
GetOEMCP
HeapReAlloc
LeaveCriticalSection
ExitProcess
CompareStringA
SetVolumeLabelW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidLocale
GetModuleHandleA
GetLastError
IsDebuggerPresent
IsValidCodePage
GetCurrentThreadId
SetUnhandledExceptionFilter
WriteFile
GetCommandLineA
GetLocaleInfoA
GetCurrentProcessId
GetModuleFileNameA
LCMapStringA
GetCPInfo
GetStartupInfoW
GetTickCount
HeapDestroy
EnumSystemLocalesA
GetFileType
TlsAlloc
SetHandleCount
RtlUnwind
GetEnvironmentStringsW
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringW
EnterCriticalSection
DeleteCriticalSection
GetLocaleInfoW
LocalSize
HeapCreate

gdi32

EnumFontFamiliesA
GetEnhMetaFilePaletteEntries
FloodFill
CloseEnhMetaFile
PathToRegion
GetStretchBltMode
GdiSetBatchLimit
GetMetaFileA
GetDIBColorTable
Ellipse
GetTextCharacterExtra
IntersectClipRect
SetMetaFileBitsEx
GetWorldTransform
GetNearestColor
GetTextAlign
ColorCorrectPalette
GetEnhMetaFileHeader
OffsetRgn
EqualRgn
EnumObjects
PtVisible

advapi32

CryptGenRandom
CryptSetProviderExW
InitiateSystemShutdownW
LookupPrivilegeDisplayNameW
CryptDestroyKey
CryptEnumProvidersW
CryptSetProviderW

comdlg32

GetSaveFileNameA
GetOpenFileNameA
FindTextW
FindTextA
GetSaveFileNameW
GetFileTitleA
PrintDlgW
PageSetupDlgW
ChooseColorW
ReplaceTextW
GetOpenFileNameW
GetFileTitleW
ChooseColorA
PrintDlgA
PageSetupDlgA
LoadAlterBitmap
ChooseFontA
ReplaceTextA

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5fbda41f5f7cae97243b8aa6336c3f4

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

comdlg32

Sections

.text Size: 129KB - Virtual size: 129KB

.data Size: 310KB - Virtual size: 326KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 129KB - Virtual size: 129KB

.data
Size: 310KB - Virtual size: 326KB

.rsrc
Size: 2KB - Virtual size: 2KB