388942231cefb83a28e414d028744fce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

388942231cefb83a28e414d028744fce_JaffaCakes118
Size

415KB
MD5

388942231cefb83a28e414d028744fce
SHA1

7360a63362e2b7d8445e00bfecac5f79a69120f2
SHA256

42409402a1a83871403638eb6da9098ba693df2e158ea394b16d61e0682f2f1c
SHA512

4829be557386d39e61748d296a26e60041f22443d0c6a97260784ecfceca654f4a21423a13aa89c9a62140e7cc0e62f057144466358dfde229c3faaf64ba9d0d
SSDEEP

12288:JVcPIEYkzCI+m0/ZU+gtOFkecSClrGxJGs7lz:rcAEYkXCUjPVGLZz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
388942231cefb83a28e414d028744fce_JaffaCakes118

Files

388942231cefb83a28e414d028744fce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b05a3921de251f11130d99410b4a716

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateHatchBrush
GetKerningPairsW
IntersectClipRect
GetTextFaceW
GetStockObject
GetSystemPaletteUse
GetMapMode
OffsetClipRgn
GetBitmapDimensionEx
SetBkMode
PlgBlt
SetRectRgn
GetArcDirection
AbortDoc
SetSystemPaletteUse
CreateRectRgn
PolylineTo
DeviceCapabilitiesExA

ole32

OleConvertIStorageToOLESTREAM
CoUnmarshalInterface
CoCreateInstance
GetRunningObjectTable
IsAccelerator
OleBuildVersion
CoUnmarshalHresult
IsEqualGUID
CoRevokeClassObject
OleQueryCreateFromData
GetHookInterface
StgIsStorageILockBytes
OleQueryLinkFromData
CoGetClassObject
OleSetClipboard
OleCreateEmbeddingHelper

kernel32

CreateFiber
GetPriorityClass
CreateMailslotW
ScrollConsoleScreenBufferA
ExpandEnvironmentStringsW
LoadLibraryExW
SetConsoleOutputCP
lstrcmpA
VirtualFree
EnumResourceNamesW
GetVersionExW
lstrcmpW
LockResource
GetFileAttributesA
ExitProcess
GlobalReAlloc
FatalAppExitA
GetTapePosition
FreeLibrary
CreateWaitableTimerA
GetModuleHandleA
IsBadStringPtrW
SetHandleCount
lstrcpyA
SetCommState
VirtualProtect
OpenEventW
VirtualAlloc
GetPrivateProfileIntW
SetComputerNameA
OpenProfileUserMapping
GetDriveTypeW
lstrcmpiW
WriteConsoleInputA
SetConsoleFont
GetConsoleAliasExesW
GetConsoleAliasExesLengthA
CreateTapePartition
SetConsoleInputExeNameW
GetStartupInfoA
GetSystemTime
QueryInformationJobObject
GetCompressedFileSizeW
GetEnvironmentStringsA
ConsoleMenuControl
GetProfileIntW
BackupRead
Sleep
GetModuleFileNameW

user32

CharUpperW
CloseWindowStation
ClientToScreen
CreateDialogParamW
CharToOemA
EditWndProc
DialogBoxParamW
CreateDialogIndirectParamW
DrawTextW
DragObject
DdeCmpStringHandles
CreateDialogIndirectParamA
AdjustWindowRectEx
CascadeChildWindows
DlgDirSelectExA
DefFrameProcA
EnableWindow
AppendMenuW

msvcrt

time
_adj_fptan
wcstoul
iswlower
_adj_fdiv_m32
wctomb
srand
strerror
_adj_fdiv_m64
ldiv
_yn
_setmode
iswalpha
_pclose
iswupper
_control87
wcscoll
strtoul
printf
_wstat
wcsspn
iscntrl
system
_wexecvpe
putwchar
_wspawnl
towlower
_wmakepath
raise
fscanf
_j0
_kbhit
__lc_codepage
_execvpe
_atodbl
_commit
wcsncpy
_fmode
_getdcwd

comdlg32

GetOpenFileNameA
PageSetupDlgW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lwa
Size: 83KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mqi
Size: 108KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jmp
Size: 216KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b05a3921de251f11130d99410b4a716

Headers

File Characteristics

Imports

gdi32

ole32

kernel32

user32

msvcrt

comdlg32

Sections

.text Size: 6KB - Virtual size: 6KB

.lwa Size: 83KB - Virtual size: 308KB

.mqi Size: 108KB - Virtual size: 261KB

.jmp Size: 216KB - Virtual size: 370KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.lwa
Size: 83KB - Virtual size: 308KB

.mqi
Size: 108KB - Virtual size: 261KB

.jmp
Size: 216KB - Virtual size: 370KB

.reloc
Size: 1024B - Virtual size: 1KB