4bcff27a0e63ab5a835346ac09513827_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4bcff27a0e63ab5a835346ac09513827_JaffaCakes118
Size

443KB
MD5

4bcff27a0e63ab5a835346ac09513827
SHA1

28b176d5cea660c51083effabd2e9a35a69b5705
SHA256

e312ea4daab43075bbe83ce665bdb07d75000a598a444a2f4766fa85b00e7043
SHA512

eb97d62cabcd0177cc0e77e9093d8cb726211ad88774bffe1247f0c432b38532d5d05d1ecdf8aa11fe5ee1e1ca93a4715697eb8f48aee07b1654ebc5c5442777
SSDEEP

12288:MFdmBvg+mnHON3cWH5TAIcpjJ83nzBVcKh:M0jYOdc25XOizhh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bcff27a0e63ab5a835346ac09513827_JaffaCakes118

Files

4bcff27a0e63ab5a835346ac09513827_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7854f7366a3ba085df13702e923c5500

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
MultiByteToWideChar
InitializeCriticalSection
ReadConsoleOutputW
RtlUnwind
GetOEMCP
CommConfigDialogW
GetCurrentProcess
GetEnvironmentStrings
VirtualAlloc
LCMapStringA
HeapDestroy
HeapReAlloc
GetCPInfo
IsValidCodePage
GetACP
SetEvent
IsValidLocale
GetModuleFileNameA
CompareStringW
GetLocaleInfoW
ExitProcess
EnumSystemLocalesA
GetLocaleInfoA
GetStringTypeA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetFileAttributesA
GetTimeFormatA
QueryPerformanceCounter
UnhandledExceptionFilter
SetHandleCount
GetPrivateProfileSectionA
SetEnvironmentVariableA
TlsGetValue
GetDiskFreeSpaceExW
HeapAlloc
GetCurrentThread
HeapFree
GetConsoleOutputCP
LCMapStringW
GetCurrentProcessId
WriteConsoleOutputCharacterW
GetStartupInfoA
GetLastError
TlsAlloc
GetSystemInfo
WaitForMultipleObjects
FreeEnvironmentStringsA
GetStdHandle
CompareStringA
WideCharToMultiByte
SetLastError
GetFileType
ReleaseMutex
GetModuleHandleA
WriteFile
VirtualProtect
WriteProfileSectionA
GetAtomNameA
LeaveCriticalSection
DosDateTimeToFileTime
FileTimeToDosDateTime
GetUserDefaultLCID
GetStringTypeW
GetProcAddress
FreeEnvironmentStringsW
GetCommandLineA
MoveFileA
HeapSize
InterlockedExchange
GetTimeZoneInformation
VirtualFree
GetDateFormatA
VirtualQuery
TlsSetValue
TlsFree
OpenMutexW
IsBadWritePtr
GetCurrentThreadId
GetVersionExA
LocalFileTimeToFileTime
TerminateProcess
EnterCriticalSection
HeapCreate
CreateFileMappingA

gdi32

SaveDC
GetTextFaceW
StartDocW
CopyMetaFileA
PolyDraw
CreateBrushIndirect
GetMapMode
GetCurrentObject
SetBkColor
CreateColorSpaceA
SetTextCharacterExtra

comdlg32

ChooseFontA
PrintDlgA
ReplaceTextA
GetFileTitleA
GetFileTitleW

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7854f7366a3ba085df13702e923c5500

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 161KB - Virtual size: 161KB

.data Size: 273KB - Virtual size: 273KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 161KB - Virtual size: 161KB

.data
Size: 273KB - Virtual size: 273KB

.rsrc
Size: 7KB - Virtual size: 6KB