3705776899218bf96f393496f6c099f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3705776899218bf96f393496f6c099f1_JaffaCakes118
Size

874KB
MD5

3705776899218bf96f393496f6c099f1
SHA1

3a5fd050aa254d32a201d39297ec16ca87b090d5
SHA256

dc71a3ef9e5b2212c137f92630434f15ea94287b22759eb1e1ff0dfb32ba0505
SHA512

a8e2574c757f1efed8e45e83720c5cfc267dc24fa723deafc4f26b60f6580f7a3a4ad7491d86f07e78e5730d69d3ff2b715fc9d41c1fd212e336ce5a893cfd1f
SSDEEP

12288:UHIDGym1t96cubtb6M9rrAjDLsah7zQplWSr8137gcEqNcUuz2z+RE:UHh51notb6eADrvQyo8N7gj9KzT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3705776899218bf96f393496f6c099f1_JaffaCakes118

Files

3705776899218bf96f393496f6c099f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6056ddd0d8f28faeba66688c95e0baba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectPalette
SelectObject
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPoint32A
TextOutW
SetTextColor
DeleteObject
DeleteDC
CreateDIBitmap
SetBkMode

kernel32

QueryPerformanceCounter
WriteFile
InitializeCriticalSection
GetSystemTime
FindResourceA
EnumDateFormatsA
DeleteCriticalSection
GetThreadLocale
LoadLibraryW
FlushFileBuffers
TlsSetValue
LoadLibraryA
TlsGetValue
TlsAlloc
CreateThread
HeapAlloc
MulDiv
lstrcpynW
lstrlenW
CopyFileW
GetFileAttributesW
FindNextFileW
GetModuleFileNameA
CloseHandle
CreateProcessA
GetSystemDefaultLCID
LoadLibraryExW
GetModuleHandleW
EnumSystemCodePagesA
GetStartupInfoA
OpenProcess
MultiByteToWideChar
OutputDebugStringW
GetCurrentProcess
FindResourceExA
LoadResource
HeapReAlloc
TlsFree
GetTickCount
IsDebuggerPresent
MapViewOfFile
SizeofResource
IsDBCSLeadByte
CreateProcessW
GetProcAddress
CreateFileMappingA
VirtualAlloc
LoadLibraryExA
UnmapViewOfFile
GetVersion
GetCurrentThreadId
GetFileAttributesExW
FindFirstFileW
ExitProcess
Sleep
GetModuleFileNameW
SystemTimeToFileTime
GetEnvironmentVariableA
DuplicateHandle
GetStdHandle
LockResource
FindClose
CreateMutexA
LeaveCriticalSection
ReadFile
GetFileSize

advapi32

RegSetValueExA
RegQueryValueExA
CryptDestroyHash
RegEnumValueW
CryptReleaseContext
RegCreateKeyExW
CryptAcquireContextA
CryptDestroyKey
RegEnumKeyExW
CryptVerifySignatureA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegSetValueExW
RegDeleteValueW
CryptHashData
RegDeleteKeyW
RegDeleteKeyA
RegDeleteValueA

user32

CharNextA
BeginPaint
EndPaint
GetDesktopWindow
SetForegroundWindow
RegisterClassA
LoadIconA
MessageBoxW
CharNextW
UpdateWindow
MessageBoxA
SetWindowLongA
GetWindowLongA
ReleaseDC
CreateWindowExA
GetDC
DefWindowProcA
DrawTextW
UnregisterClassA
EnumDisplayMonitors
LoadBitmapA

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6056ddd0d8f28faeba66688c95e0baba

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

advapi32

user32

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 23KB - Virtual size: 22KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 1KB