301afaf45ca7a5b3a9c2414afda54017_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

301afaf45ca7a5b3a9c2414afda54017_JaffaCakes118
Size

509KB
MD5

301afaf45ca7a5b3a9c2414afda54017
SHA1

fad6c36ca1b5fc89c26471c642f4d86172e35e4e
SHA256

3e445ae511401acd3aa6014a5b8e83d085e0a74469da0abdbdc5174a22d959fd
SHA512

400c9652dbe054c22f878b85daa2ce128d4e3210dbdf1fb66d4fa1267374fad28c1089d14e5fc4c353d11d43b4cbec5e4079d03caad1e1131668e09d36d2f2e0
SSDEEP

12288:Lu7BKltOjD1P+2/kifGNw64z7tA3TsjHx:Lu74lYXV8ifKwHz7yox

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
301afaf45ca7a5b3a9c2414afda54017_JaffaCakes118

Files

301afaf45ca7a5b3a9c2414afda54017_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e3be343422d3035f6407105b4d9a74b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumDisplaySettingsExA
RegisterClassA
GetWindowDC
VkKeyScanExW
UnregisterDeviceNotification
DestroyMenu
RegisterClassExA

gdi32

GetFontLanguageInfo
GetOutlineTextMetricsA
GetTextExtentPoint32W
InvertRgn
GetBkColor
GetMetaFileA
CopyMetaFileW
GetKerningPairsW
GetLayout
GdiPlayScript
PathToRegion
CreateMetaFileA
EnumICMProfilesW
EndPage
GetClipRgn
TranslateCharsetInfo
AddFontResourceA
ColorCorrectPalette
Pie
GetTextExtentPointW
GetObjectW
GetTextCharsetInfo
GetDeviceCaps

kernel32

GetModuleHandleW
GetModuleFileNameW
CompareStringA
GetUserDefaultLangID
GetFileType
ReadFile
GetConsoleMode
SetHandleCount
GetPrivateProfileSectionNamesW
GetStartupInfoW
GetCurrentThread
CloseHandle
GetCommandLineA
IsValidCodePage
CreateFileA
HeapFree
WideCharToMultiByte
GetUserDefaultLCID
VirtualFree
TerminateProcess
LocalCompact
EnumSystemLocalesA
ExitProcess
LoadLibraryA
GetStringTypeW
TlsGetValue
GlobalGetAtomNameA
HeapDestroy
GetStringTypeA
GetConsoleOutputCP
GetModuleHandleA
GetProcAddress
QueryPerformanceCounter
Sleep
VirtualQuery
GetCurrentThreadId
LCMapStringA
CompareStringW
GetOEMCP
GetTimeZoneInformation
FreeLibrary
TlsSetValue
GetCommandLineW
SetStdHandle
TlsFree
GetTempPathW
GetACP
GetTickCount
InterlockedIncrement
WriteConsoleW
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
SetConsoleCtrlHandler
DeleteCriticalSection
ReadConsoleA
SetThreadPriority
GetSystemTimeAsFileTime
OpenMutexA
ConvertDefaultLocale
SetConsoleTitleA
InterlockedExchange
GetStdHandle
GetLocaleInfoA
GetLastError
GetCalendarInfoW
HeapAlloc
GetStartupInfoA
GetConsoleCP
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetCPInfo
GetModuleFileNameA
GetDateFormatA
SetEnvironmentVariableA
LCMapStringW
IsValidLocale
InterlockedExchangeAdd
HeapCreate
GlobalLock
WriteFile
GetCurrentProcessId
GetCurrentProcess
LeaveCriticalSection
GlobalAlloc
SetLocaleInfoA
FindAtomA
IsDebuggerPresent
GetLocaleInfoW
UnhandledExceptionFilter
HeapSize
RtlUnwind
SetLastError
VirtualAlloc
MultiByteToWideChar
FlushFileBuffers
WriteConsoleA
SetFileAttributesA
SetCriticalSectionSpinCount
TlsAlloc
CreateMutexA
SetFilePointer
GetTimeFormatA
HeapReAlloc
EnterCriticalSection

comctl32

InitCommonControlsEx

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e3be343422d3035f6407105b4d9a74b

Headers

File Characteristics

Imports

user32

gdi32

kernel32

comctl32

Sections

.text Size: 181KB - Virtual size: 181KB

.rdata Size: 10KB - Virtual size: 15KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 181KB - Virtual size: 181KB

.rdata
Size: 10KB - Virtual size: 15KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 3KB - Virtual size: 3KB