5a635c2be8f534f1eed01c09f16bf1a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a635c2be8f534f1eed01c09f16bf1a1_JaffaCakes118
Size

504KB
MD5

5a635c2be8f534f1eed01c09f16bf1a1
SHA1

51340460dc29fdb4ba18548c764fb0e879106c64
SHA256

b853a93928b2de20cb01c97325f94b70b63049a2936883cb6259efd507181eb0
SHA512

9c891c83777a8d1e498969f49d1f360af082571c6e963ea7f623ff37badd71194e583ecd6a5343ab3c1869cbba073800e661bbb11cb26680c71063f1ff214556
SSDEEP

12288:sjkwqjRck95+RvH/51fHwXHP88E831vYhYbvTIkzg:HwqFj5ivIHPxE86Yf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a635c2be8f534f1eed01c09f16bf1a1_JaffaCakes118

Files

5a635c2be8f534f1eed01c09f16bf1a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ba7651a9ef0a51c9c4840d7b2a344dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetCurrentThreadId
GetModuleFileNameW
VirtualProtect
GetCurrentThreadId
HeapAlloc
CloseHandle
CreateFileW
GetModuleFileNameW
EnterCriticalSection
InterlockedCompareExchange
GetCurrentProcess
GetTickCount
VirtualAlloc
InitializeCriticalSection
GetModuleFileNameW
InterlockedIncrement
InterlockedExchange
FreeLibrary
HeapAlloc
HeapFree
VirtualAlloc
GetLastError
ReadFile
lstrlenA
SetLastError
GetModuleFileNameW
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetCurrentProcessId
MultiByteToWideChar
InitializeCriticalSection
LocalAlloc
LoadLibraryW
VirtualAlloc
InterlockedCompareExchange
LocalFree
GetModuleHandleW
GetLastError
Sleep
GetVersionExA
HeapDestroy
GetModuleFileNameW
lstrlenA
VirtualProtect
InterlockedExchange
InterlockedExchange
lstrcmpiW
Sleep
LocalAlloc
GetTickCount
UnhandledExceptionFilter
InterlockedExchange
SetLastError
GetCurrentThreadId
ReadFile
GetVersionExA
LoadLibraryA
GetSystemTimeAsFileTime

gdi32

LineTo
CreateBitmap
SetPixel
Ellipse
RoundRect
SetBkMode
CreateBitmap
LineTo
GetWindowExtEx
SetBkColor
SetWindowOrgEx
SetBkMode
GetWindowExtEx
SetPixel
SelectObject
CombineRgn
CreateFontA
SetWindowExtEx
SetTextColor
CreateDIBSection
SetBrushOrgEx
SetTextColor
CreateFontA
SetBkColor
GetBrushOrgEx
CreateCompatibleDC
BitBlt
StretchBlt
CombineRgn
GetPixel
SelectObject
SetTextColor
MoveToEx
CreateRectRgn
SetBkMode
CreateBitmapIndirect
SetTextColor
CreateFontA
StretchBlt
BitBlt
PatBlt
Rectangle
PatBlt
CreateFontA
GetPixel
CombineRgn
GetWindowOrgEx
GetCurrentObject
PatBlt
CreateFontIndirectA
SetBkColor
GetWindowOrgEx
Polygon
CreateRectRgn
CreatePen
GetBkColor
GetCurrentObject
GetWindowExtEx

Sections

.text
Size: 498KB - Virtual size: 964KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ba7651a9ef0a51c9c4840d7b2a344dc

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 498KB - Virtual size: 964KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 498KB - Virtual size: 964KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB