491a6a88dd978d450634dd21ca8a4ac8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

491a6a88dd978d450634dd21ca8a4ac8_JaffaCakes118
Size

110KB
MD5

491a6a88dd978d450634dd21ca8a4ac8
SHA1

0c8ab75d7a5f4afe333c33039d7ca90630fc647b
SHA256

53d2d2d29149b2061cba789160df3ceed57d4f34e01769f6242abd791bfc4c5c
SHA512

1f9a286a03df731c972ec2b4ed7edcc3572add8a07e54c88d1257750370e35b770bf5f5a2ea9c9f6686de4ca4ee854746164ac6112350b47d8d14c174bf130fb
SSDEEP

3072:7MGmcKY2qcSXwVxo5AxO/ovlZjyRMBFid:ZmcypSXaS5UOUdc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
491a6a88dd978d450634dd21ca8a4ac8_JaffaCakes118

Files

491a6a88dd978d450634dd21ca8a4ac8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

179c08d2c844ae35984875e074b95291

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentPointA
GdiSetBatchLimit
GetTextColor
CopyMetaFileA
DeviceCapabilitiesExA
FillRgn
GetStretchBltMode
CreateEnhMetaFileA
TextOutW
PlgBlt
GetTextAlign
AddFontResourceW
GetViewportOrgEx
CreateDIBitmap
GetMetaRgn
Ellipse
PathToRegion
TextOutA
GetOutlineTextMetricsA
OffsetWindowOrgEx
CreateHalftonePalette
GetDIBColorTable
GetTextCharset
GetGraphicsMode
DeviceCapabilitiesExW
SetPixelV
GetColorSpace

user32

EnumPropsExA
EndPaint
DrawCaption
DefMDIChildProcW
GetClipboardViewer
ArrangeIconicWindows
DdeAccessData
BlockInput
CreateIcon
DdeSetQualityOfService
CascadeChildWindows
DrawFrame
ChildWindowFromPoint
DdeConnectList

msvcrt

_cabs
__p___initenv
_wstat64
_adj_fprem1
fwprintf
_strset
iswspace
_iob
freopen
__p__fileinfo
_getmbcp
frexp
getwc
_splitpath
_ultow
_getdllprocaddr
_wexecv
__RTDynamicCast
_strlwr
_lsearch
_locking
_memicmp
puts
ldexp
_commit
_toupper
__argv
_set_error_mode

kernel32

lstrcmpiW
GetConsoleAliasesW
GetLastError
GetDriveTypeA
GetProfileSectionA
CreateNamedPipeA
GetConsoleOutputCP
VirtualAlloc
CopyFileA
GetFileAttributesA
lstrcmpiA
ReadConsoleOutputAttribute
TlsFree
SetFileApisToOEM
SetVolumeLabelW
VirtualFree
TransactNamedPipe
FindFirstFileA
GetProcessVersion
SetConsoleCP
CreateFileA
GetStartupInfoA
LocalReAlloc
LoadResource
GetModuleHandleA
GetLocalTime
lstrcmpA
EnumSystemCodePagesW
SetConsoleTextAttribute
ConnectNamedPipe
SetProcessWorkingSetSize
Sleep
GetModuleHandleW
LocalFree
ExitProcess
UpdateResourceA

Sections

.text
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hvuht
Size: 319KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cbvpu
Size: 96KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

179c08d2c844ae35984875e074b95291

Headers

File Characteristics

Imports

gdi32

user32

msvcrt

kernel32

Sections

.text Size: 6KB - Virtual size: 7KB

.hvuht Size: 319KB - Virtual size: 616KB

.cbvpu Size: 96KB - Virtual size: 346KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 7KB

.hvuht
Size: 319KB - Virtual size: 616KB

.cbvpu
Size: 96KB - Virtual size: 346KB

.reloc
Size: 1024B - Virtual size: 1KB