2da765d222a079849e85035e6bd48b1f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2da765d222a079849e85035e6bd48b1f_JaffaCakes118
Size

497KB
MD5

2da765d222a079849e85035e6bd48b1f
SHA1

b3c57eb14b01328cf3df1b42b48b2ddf7c54fe11
SHA256

87e5f6c201d7c00b3e02062bb3b02cf68ff6dc4f1a97c0f6103c5e0741431593
SHA512

9f3f3db3a03434c24eec44c12ba0b13d1dfb3cc4104844e650edd395ca7920e9e0ea49327845360870f78332b897cebdb5aef187c943d26b886727b322a361ab
SSDEEP

12288:M1m0WVjQ3GGROPCnPVxSKCQPnDRwLZp+5qggeGM98+1V+Q:M1m0WsOwP0QvIZp4Fgt+1V+Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da765d222a079849e85035e6bd48b1f_JaffaCakes118

Files

2da765d222a079849e85035e6bd48b1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b3b5828da0f50c0691f9895e8afdcda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesW
PlayMetaFileRecord
SetLayout
SetDIBColorTable
ExtCreatePen
SetBkMode
GdiPlayJournal
GetGlyphOutlineW
SetWindowOrgEx
CreateFontW

kernel32

CloseHandle
HeapFree
GetOEMCP
GetSystemTimeAsFileTime
TerminateProcess
VirtualProtect
VirtualFree
GetCurrentProcess
RtlUnwind
GetEnvironmentStrings
GetCurrentThreadId
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
GetStartupInfoA
FreeEnvironmentStringsW
GetStringTypeA
VirtualQuery
GetTickCount
MultiByteToWideChar
GetProcAddress
VirtualAlloc
GetLocaleInfoA
HeapAlloc
GetStringTypeW
TlsFree
GetModuleFileNameA
InitializeCriticalSection
ExitProcess
CompareStringA
TlsSetValue
IsBadWritePtr
GetEnvironmentStringsW
WriteFile
IsValidLocale
GetDateFormatA
HeapReAlloc
DeleteCriticalSection
TlsAlloc
HeapCreate
LoadLibraryA
SetStdHandle
HeapDestroy
SetLastError
SetEnvironmentVariableA
SetHandleCount
LCMapStringA
OpenMutexA
SetFilePointer
GetModuleHandleA
ReadFile
GetACP
GetSystemInfo
GetCurrentProcessId
GetCurrentThread
IsValidCodePage
GetFileType
RtlFillMemory
CreateMutexA
GetLastError
GetTimeFormatA
FreeEnvironmentStringsA
WideCharToMultiByte
GetLocaleInfoW
GetCommandLineA
GetStdHandle
TlsGetValue
InterlockedExchange
GetVersionExA
HeapSize
Sleep
FlushFileBuffers
SystemTimeToFileTime
UnhandledExceptionFilter
GetTimeZoneInformation
GetUserDefaultLCID
CompareStringW
LCMapStringW
QueryPerformanceCounter
EnumSystemLocalesA

user32

DrawTextExW
MessageBoxW
NotifyWinEvent
ShowWindow
RegisterClassA
GetWindowTextA
RegisterClassExA
CreateWindowExW
SetMenuInfo

comctl32

InitCommonControlsEx
ImageList_SetIconSize
MakeDragList
ImageList_LoadImageW
_TrackMouseEvent
CreateUpDownControl
ImageList_SetImageCount
ImageList_Remove
DestroyPropertySheetPage
ImageList_Replace

comdlg32

ChooseFontA
PrintDlgA

Sections

.text
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b3b5828da0f50c0691f9895e8afdcda

Headers

File Characteristics

Imports

gdi32

kernel32

user32

comctl32

comdlg32

Sections

.text Size: 325KB - Virtual size: 324KB

.rdata Size: 39KB - Virtual size: 67KB

.data Size: 112KB - Virtual size: 111KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 325KB - Virtual size: 324KB

.rdata
Size: 39KB - Virtual size: 67KB

.data
Size: 112KB - Virtual size: 111KB

.rsrc
Size: 20KB - Virtual size: 20KB