3363be954ab91aa6f3abb81444c2581d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3363be954ab91aa6f3abb81444c2581d_JaffaCakes118
Size

952KB
MD5

3363be954ab91aa6f3abb81444c2581d
SHA1

9f15b3c81cc389a0986bcf3011123696674e7e72
SHA256

31ee6bc59918d86489029d87ed422cdb9f027be12fc7057af9d563359ea3a201
SHA512

bab6f7ec3f7ea7d8912641078bd2235e6c65a660807a0cd0071ce2f7eb67df6ef4053ee19d331fd7fdaa42f88b479dba6da393eb1c7c5947a1de873704020448
SSDEEP

24576:tjLxtoZrE2OgSjI9jkguMOr8YC/ScxAcW:FxMfOHEwrMOvAxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3363be954ab91aa6f3abb81444c2581d_JaffaCakes118

Files

3363be954ab91aa6f3abb81444c2581d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7fc9a34e52460f4a498d825426ba473

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
GlobalFree
DeleteAtom
Sleep
GetStdHandle
ReadFile
ReadConsoleA
GetConsoleMode
DeleteFileW
CopyFileA
CopyFileExA
CreateThread
CopyFileW
GetLastError
CreateDirectoryA
OpenFile
GetFileTime
GlobalFree
CreateThread
DeleteAtom
CopyFileW
Sleep
DeleteFileA
CreateDirectoryA
ReadFile
GetConsoleMode
OpenFileMappingA
DeleteAtom
Sleep
CreateThread
DeleteFileA
ExitThread
CopyFileExW
GetConsoleMode
GetComputerNameA
OpenFile
GetLastError
GlobalFree
FindAtomA
GetStdHandle
CopyFileW
DeleteFileW
FindFirstFileA
GetFileSize
GetCPInfo

gdi32

CopyMetaFileA
AddFontResourceW
AddFontResourceExA
DeleteDC
CancelDC
ClearBrushAttributes
GetCurrentPositionEx
GetClipBox
BeginPath
GetBrushOrgEx
CloseMetaFile
AddFontResourceA
GetBrushOrgEx
CloseMetaFile
RestoreDC
AddFontResourceW
AddFontResourceExW
ClearBitmapAttributes
CopyMetaFileA
BitBlt
BeginPath
ExtTextOutA
GetDCOrgEx

user32

AppendMenuW
DialogBoxParamA
LoadMenuA
GetDC
DrawIconEx
CopyImage
GetWindowTextA
CalcMenuBar
CopyIcon
GetMenu
DrawTextA
InsertMenuA
GetFocus
GetWindowTextLengthA
CopyRect

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 908KB - Virtual size: 905KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7fc9a34e52460f4a498d825426ba473

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: 20KB - Virtual size: 18KB

.data Size: 908KB - Virtual size: 905KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 7KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1.7MB

.text
Size: 20KB - Virtual size: 18KB

.data
Size: 908KB - Virtual size: 905KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 7KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1.7MB