2d723f6ebaa30077769484e4cb12dea3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d723f6ebaa30077769484e4cb12dea3_JaffaCakes118
Size

176KB
MD5

2d723f6ebaa30077769484e4cb12dea3
SHA1

1cfb63846e91c4cea615efa6c01424ff2f955ca3
SHA256

d637f8b1904af24c1e9bf323a5e9e90aeb57dc833b82d59edfcc2c5cf882a93a
SHA512

92d4594e3dd37ca7ec5daf2493e75e9668d070e63aebedc63114d77ce402b0e37aa68f5b077b7ea9a57364ff606b7ed4e66b8484ada7f1453a42ab8573d069a5
SSDEEP

3072:vi0CJ7q0mRjUra90Zd1zPVhLMb5rc5BIr8xW5SywWpkUNzlg5PJp5gRr5Y:yJ7q0mFod1DVhcc5Sr8oAywgk2g5Bp56

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d723f6ebaa30077769484e4cb12dea3_JaffaCakes118

Files

2d723f6ebaa30077769484e4cb12dea3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f63c27f8b1f1ed82de1a0eddb8b2361

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
SetEvent
PrivCopyFileExW
GetACP
lstrcmpW
WaitForSingleObject
GetThreadLocale
ResetEvent
EnterCriticalSection
GlobalReAlloc
InterlockedExchange
CreateThread
DeleteCriticalSection
WriteFile
VirtualAlloc
InterlockedIncrement
GetProcessId
GetVersionExW
GlobalFree
CloseHandle
GetProcAddress
MultiByteToWideChar
lstrcpynW
GlobalLock
GlobalAlloc
GetLocaleInfoA
GetModuleFileNameW
ProcessIdToSessionId
GetTickCount
DuplicateHandle
CreateFileW
GetCurrentThread
CreateSemaphoreW
EnumResourceTypesA
GetCurrentProcessId
Sleep
CreateEventW
LeaveCriticalSection
GetSystemTimeAsFileTime
SetThreadPriority
GetCurrentThreadId
lstrlenW
LocalAlloc
LoadLibraryW
ExitProcess
FreeLibrary
GlobalUnlock
InitializeCriticalSection
WaitForMultipleObjects
QueryPerformanceCounter
GetLastError
lstrcmpiW
DisableThreadLibraryCalls
RaiseException
LocalFree
lstrcpyW
OutputDebugStringW
GetModuleHandleW
GetVersionExA
GetCurrentProcess
VirtualFree
GetSystemInfo
GetThreadPriority
ReleaseSemaphore
lstrlenA
GetModuleFileNameA

gdi32

GetStockObject
CreateDIBSection
SetStretchBltMode
GetDIBits
StretchDIBits
SelectObject
RealizePalette
GetObjectW
SelectPalette
CreateCompatibleDC
BitBlt

gdiplus

GdipCreateBitmapFromStream
GdiplusStartup
GdipDisposeImage
GdipFree
GdipAlloc
GdipCreateBitmapFromStreamICM
GdipCreateHBITMAPFromBitmap
GdipGetImageThumbnail
GdiplusShutdown
GdipCloneImage

winmm

mixerGetLineControlsW
mixerGetControlDetailsW
mixerOpen
timeSetEvent
mixerSetControlDetails
mixerGetLineInfoW
timeGetTime
mixerClose
waveInGetDevCapsW
mixerGetNumDevs
waveInGetNumDevs
mixerGetDevCapsW

user32

GetWindowRect
UnregisterClassA
SetTimer
SetParent
PeekMessageW
KillTimer
PostThreadMessageW
RegisterWindowMessageW
wsprintfW
EnableWindow
ReleaseDC
wvsprintfW
DispatchMessageW
GetQueueStatus
GetDC
IsWindowVisible
TranslateMessage
UnregisterClassW
MsgWaitForMultipleObjects

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f63c27f8b1f1ed82de1a0eddb8b2361

Headers

File Characteristics

Imports

kernel32

gdi32

gdiplus

winmm

user32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 68KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 372KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 68KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 372KB