295809f13bb35dee5212743e99507067_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

295809f13bb35dee5212743e99507067_JaffaCakes118
Size

548KB
MD5

295809f13bb35dee5212743e99507067
SHA1

5b220667671a4b78eaffb32c341aa0ca61f8da02
SHA256

f5ad2bed416090642ed901afd0b17a99cd160724df04b7cc5238044a1f6dbe72
SHA512

68cf524df75180b5b9e5ed7b4b4726841156e400423220053c3d3c9f3d399b04a439cbccb1b7b980e7697074e4b1e1b5b2bd10a6b8d31d698b8062a0127e0efc
SSDEEP

12288:kLc9tGapJVvhPaRV8HCHmD+3uFKjtRTueq2LkMoXvuZ:kLcVLVUVNmDrFARTueH6fuZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
295809f13bb35dee5212743e99507067_JaffaCakes118

Files

295809f13bb35dee5212743e99507067_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30d26c7f87cbf83e6e87f3f119617aa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

PolyTextOutA
GetTextExtentPointA
CreateFontIndirectW
CreateEnhMetaFileW
PtInRegion
GetBitmapBits
CancelDC
StretchDIBits
ResizePalette
DeleteDC
TextOutW
DeleteObject
GetEnhMetaFilePaletteEntries
GetFontData
GetEnhMetaFileHeader

kernel32

GetStringTypeA
GetCompressedFileSizeW
FlushConsoleInputBuffer
EnumSystemLocalesA
UnhandledExceptionFilter
ExitProcess
GetACP
WideCharToMultiByte
IsValidLocale
QueryPerformanceCounter
GetStdHandle
GlobalLock
CloseHandle
VirtualAlloc
GetLastError
RtlUnwind
GetModuleHandleA
GetEnvironmentStringsW
SetEnvironmentVariableW
HeapAlloc
TlsSetValue
GetDriveTypeW
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
HeapDestroy
GetTimeFormatA
SetLastError
GetCurrentProcessId
GetLocaleInfoA
LCMapStringA
GetCurrentThreadId
GetCurrentThread
FreeEnvironmentStringsA
GetStringTypeW
GetSystemTimeAsFileTime
GetStartupInfoA
LeaveCriticalSection
IsValidCodePage
HeapFree
GetSystemInfo
InterlockedExchangeAdd
TlsFree
SetEnvironmentVariableA
FreeEnvironmentStringsW
SetConsoleCursorInfo
InitializeCriticalSection
GetThreadTimes
GetCPInfo
GetVersionExA
CompareStringA
GetProcAddress
CompareStringW
GetFileType
CreateMutexA
VirtualProtect
AddAtomA
GetCommandLineA
VirtualFree
GetLocaleInfoW
TlsAlloc
ReadFile
TlsGetValue
GetCurrentProcess
LCMapStringW
DeleteCriticalSection
EnterCriticalSection
SetHandleCount
FlushFileBuffers
EnumSystemCodePagesA
GetDateFormatA
GetUserDefaultLCID
WriteFile
SetStdHandle
HeapCreate
OpenMutexA
TerminateProcess
HeapSize
GetTickCount
IsBadWritePtr
GetEnvironmentStrings
InterlockedExchange
GetTimeZoneInformation
CreateThread
GetEnvironmentVariableW
GetOEMCP
VirtualQuery
LoadLibraryA
HeapReAlloc
GetModuleFileNameA
SetFilePointer
SetConsoleScreenBufferSize

comctl32

InitCommonControlsEx

wininet

InternetQueryFortezzaStatus

comdlg32

GetSaveFileNameW

user32

RegisterClassA
RegisterClassExA
VkKeyScanW

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30d26c7f87cbf83e6e87f3f119617aa7

Headers

File Characteristics

Imports

gdi32

kernel32

comctl32

wininet

comdlg32

user32

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 8KB - Virtual size: 19KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 8KB - Virtual size: 19KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 8KB - Virtual size: 8KB