3222e65425dc1deacea00801fe4f306e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3222e65425dc1deacea00801fe4f306e_JaffaCakes118
Size

431KB
MD5

3222e65425dc1deacea00801fe4f306e
SHA1

2fbbe509b289f1a5ad97bfef9ffc6a723bd987df
SHA256

df7fb66cabb29aeee562d94523270c04bca48b38498169698e037b13f17a9b25
SHA512

46dfb65fb2dcdbf1d0f8671ae6677f386bc314d1f44b3d85684b4b985bb21b4d7138902ea19b611446d1368405b747adc052746eb299a8ad5008e8de45630a47
SSDEEP

12288:AomAiZglsjKLuMxRiFxiZDw8pZhxxKrCYv2ndG9w2:Aom5OujKLug8xvY3evKdG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3222e65425dc1deacea00801fe4f306e_JaffaCakes118

Files

3222e65425dc1deacea00801fe4f306e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb9d2ae9a82b9710c8b8804f7a978d7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsExW
MoveFileA
GetModuleHandleA
OpenWaitableTimerW
CreatePipe
InterlockedExchangeAdd
CreateMutexA
LoadLibraryExW
GlobalAlloc
GetConsoleDisplayMode
VirtualAlloc
GetModuleHandleW
GetDevicePowerState
SearchPathW
QueryDosDeviceW
GlobalLock
GetConsoleAliasA
GetBinaryTypeW
CreateHardLinkA
GetFullPathNameA
GetLocalTime
ConvertThreadToFiber
GetVolumeInformationW
InitializeCriticalSectionAndSpinCount
GetUserDefaultLangID
GetBinaryTypeA
SetComputerNameA
SetConsoleOutputCP
VirtualFree
ClearCommBreak
LocalFileTimeToFileTime
OpenSemaphoreW
FileTimeToLocalFileTime
EnumSystemLocalesW
lstrlenW
InitAtomTable
_lopen
FindAtomW
GetStartupInfoA
CreateJobObjectW
SetProcessWorkingSetSize
ExitProcess
Sleep
BuildCommDCBAndTimeoutsW
PurgeComm
GetVDMCurrentDirectories
CreateSemaphoreA
GetProfileStringA

msvcrt

_ftime64
memcpy
isalnum
_findfirst64
_adj_fdiv_m64
_wmakepath
realloc
wcscoll
_ltoa
__p__osver
abort
__p__winminor
_wsystem
_ismbcprint
_ui64tow
_copysign
_CIsinh
_wfsopen
_mktime64
_getcwd
wcsncmp
putc
_atoldbl
wcscmp
__argv
_setjmp
iscntrl
_chmod
_ismbbtrail
_ismbcspace
acos
__iscsym
_wstrdate
_CIfmod
_filbuf
_mbclen
_strdup
_execvpe
_strnset

gdi32

CopyEnhMetaFileA
RestoreDC
GetStockObject
GetGraphicsMode
PolylineTo
CreateDCW
SetBkMode
SetArcDirection
EnumMetaFile
GetICMProfileW
CreateEllipticRgn
SetPolyFillMode
FixBrushOrgEx
AddFontResourceW
Chord
GetTextMetricsW
GetPixelFormat
CreateSolidBrush
GetTextCharsetInfo
SetICMProfileW
GetLogColorSpaceW
CreatePenIndirect
EndPage
GetWindowOrgEx
CopyMetaFileA

ole32

CoDosDateTimeToFileTime
OleGetClipboard
CreateAntiMoniker
WriteClassStg
CoRevokeMallocSpy
RevokeDragDrop
CoFreeLibrary

user32

DdeNameService
CreateWindowExA
ChangeMenuW
DdeAddData
DrawIcon
CloseWindow
GetAltTabInfoW
CallWindowProcA
DrawTextW
EnumDisplaySettingsExW
DdeSetUserHandle
DdeCreateDataHandle
DrawFrameControl
FindWindowExW
CreateDialogParamA
CreateDialogParamW
CreateDesktopW
ClientToScreen

Sections

.text
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ohr
Size: 308KB - Virtual size: 587KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zsnhz
Size: 115KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb9d2ae9a82b9710c8b8804f7a978d7f

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

ole32

user32

Sections

.text Size: 6KB - Virtual size: 7KB

.ohr Size: 308KB - Virtual size: 587KB

.zsnhz Size: 115KB - Virtual size: 398KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 7KB

.ohr
Size: 308KB - Virtual size: 587KB

.zsnhz
Size: 115KB - Virtual size: 398KB

.reloc
Size: 1024B - Virtual size: 1KB