3afe4bbf1bf9b9a033f66b4bacb44099_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3afe4bbf1bf9b9a033f66b4bacb44099_JaffaCakes118
Size

310KB
MD5

3afe4bbf1bf9b9a033f66b4bacb44099
SHA1

d0beedb93a769ae58f804df310a6b0cb7f939c5c
SHA256

c2c35c0cc8ff522a5c99412b6070eb079905c5942f11171774f833fc22bbfbf6
SHA512

d1500fde3a62add947980b088b7b1cfdb00cbe8f5995c353148bd8b9662793f3d92206a9d1a74f075e06846da1981cf78417d555efa86051a38d3dd5425057ae
SSDEEP

6144:C+GRQ+AHBjEqkU/6utFLLicDt3NIDVixJjwnUptWG5Grxzq0fp:sRWhRkI72dIx4MWG5ye

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3afe4bbf1bf9b9a033f66b4bacb44099_JaffaCakes118

Files

3afe4bbf1bf9b9a033f66b4bacb44099_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8f48774ffdfe3cb41759d89ee0db94f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

GetPixel
DeleteObject
RectVisible
SetDIBits
SetMapMode
BitBlt
CreateBitmap
SetDIBColorTable
TextOutW
LineTo
FillRgn
GetStockObject
ExtFloodFill
Polyline
CreateDIBSection
OffsetRgn
CreateICW
CreateDIBitmap
PlayMetaFile
LPtoDP
GetDIBits
UnrealizeObject
SelectObject
ResizePalette
SetPaletteEntries
DeleteDC
GetNearestPaletteIndex
CreateHalftonePalette
CreatePolygonRgn
EnumFontFamiliesW
TranslateCharsetInfo
PolyBezier
PtVisible
PatBlt
SetBkColor
ExtTextOutW
CreatePatternBrush
Ellipse
SetBkMode
GetDIBColorTable
Polygon
SetROP2
GetCurrentObject
RoundRect
GetPaletteEntries
SelectPalette
SetBrushOrgEx
SetPixel
MoveToEx
SaveDC
GetObjectW
GetDeviceCaps

msvcrt

wcstok
_adjust_fdiv
_wcsicmp
_itow
_CxxThrowException
wcscmp
_purecall
_onexit
_cexit
_beginthreadex
_exit
rand
_getdcwd
__argc
_controlfp
_except_handler3
_c_exit
__CxxFrameHandler
__set_app_type
_wcmdln
_ltow
_wcsdup
_wsplitpath
free
wcschr

user32

CreateWindowExA
UpdateWindow
DefWindowProcA
TranslateMessage
DestroyWindow
GetMessageA
SendMessageA
RegisterClassExA
ShowWindow
DispatchMessageA

kernel32

lstrcpynW
RaiseException
GetTickCount
LoadLibraryW
GlobalFree
GetProcessHeap
SetUnhandledExceptionFilter
GetThreadLocale
CloseHandle
HeapSize
lstrlenA
InterlockedDecrement
SetErrorMode
QueryPerformanceCounter
lstrcpyW
VirtualFree
InterlockedExchange
InterlockedIncrement
GlobalAlloc
GetExitCodeThread
GetProcessHeaps
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
FileTimeToLocalFileTime
UnhandledExceptionFilter
SetEndOfFile
IsDBCSLeadByte
LocalAlloc
GetStartupInfoW
GetDateFormatW
GetTempFileNameW
GetCurrentProcess
FreeLibrary
MultiByteToWideChar
LocalFree
HeapAlloc
CreateFileW
GetCurrentProcessId
lstrcatW
lstrcmpW
GetTempPathW
VirtualAlloc
GetFileTime

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f48774ffdfe3cb41759d89ee0db94f

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvcrt

user32

kernel32

Sections

.text Size: 188KB - Virtual size: 188KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 111KB - Virtual size: 804KB

.text
Size: 188KB - Virtual size: 188KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 111KB - Virtual size: 804KB