22edadd8c4cbf1aa564cc1aadb0577f4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

22edadd8c4cbf1aa564cc1aadb0577f4_JaffaCakes118
Size

421KB
MD5

22edadd8c4cbf1aa564cc1aadb0577f4
SHA1

78a04cd87ba1c935cfd691e8cfaab141b24dedb5
SHA256

1a39c7f365d22bf7f3d359fdeeed9bc542aaf2e041db90c82ed9d0b2aa3ff3b6
SHA512

7f4ae4d8db12c6e4fcd7561bb2aae51654f5048af58ed9d0be31209a6c0bac6b269bdebe595d78755f916a406d0370bd6c6c9340d3765fb713d8c357d0a35554
SSDEEP

12288:qIWNziYgBAV/X/bDo+AJwzGMy2ka0ONXdA1606:aziYga/vbLIwzGtONK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22edadd8c4cbf1aa564cc1aadb0577f4_JaffaCakes118

Files

22edadd8c4cbf1aa564cc1aadb0577f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad0ed528092c9c2eb444a30945472a41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__dstbias
log10
iswupper
_strnicoll
ispunct
_HUGE
_osplatform
_getmbcp
_getcwd
atexit
__p__fileinfo
_wputenv
__dllonexit
_acmdln
cos
_wspawnvp
_strupr
strpbrk
_adj_fdiv_r
_ftime64
srand
localeconv
_strtime
_putenv

gdi32

GetFontLanguageInfo
CreateFontIndirectA
SetMetaRgn
EnumFontsW
GetDIBColorTable
GetCharABCWidthsFloatA
GetStockObject
GetBitmapBits
GetPixelFormat
GetCurrentObject
SetMiterLimit
GetRandomRgn
GetTextAlign
GdiGetBatchLimit
SetPaletteEntries

user32

DlgDirListComboBoxW
EnumDesktopWindows
DdeImpersonateClient
CloseWindowStation
CountClipboardFormats
CopyImage
FindWindowA
CreateWindowExW

kernel32

SetConsoleFont
GetVersionExW
GetPrivateProfileIntA
Thread32First
ExitProcess
RtlUnwind
TerminateProcess
FlushInstructionCache
ReadConsoleOutputA
FindFirstChangeNotificationW
SwitchToThread
lstrcmpiA
Sleep
GetPrivateProfileStructA
GetStartupInfoA
SetDefaultCommConfigA
SetLastError
MultiByteToWideChar
SetConsoleDisplayMode
GetBinaryTypeA
VirtualFree
MapViewOfFileEx
SetHandleInformation
GetThreadPriorityBoost
GlobalFree
GlobalFlags
Sleep
lstrcmpW
GetModuleHandleA
BackupSeek
GetNumberOfConsoleFonts
GetTimeZoneInformation
GetUserDefaultLangID
VirtualAlloc
GetCommTimeouts
PurgeComm
GetNextVDMCommand
GetModuleHandleW
WriteConsoleA
HeapFree
GetFileType
SetConsoleInputExeNameA
FindFirstFileW

comdlg32

PageSetupDlgA

Sections

.text
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.brbwv
Size: 207KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jsodt
Size: 206KB - Virtual size: 515KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad0ed528092c9c2eb444a30945472a41

Headers

File Characteristics

Imports

msvcrt

gdi32

user32

kernel32

comdlg32

Sections

.text Size: 6KB - Virtual size: 7KB

.brbwv Size: 207KB - Virtual size: 444KB

.jsodt Size: 206KB - Virtual size: 515KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 7KB

.brbwv
Size: 207KB - Virtual size: 444KB

.jsodt
Size: 206KB - Virtual size: 515KB

.reloc
Size: 1024B - Virtual size: 1KB