634441dbcf8511bd38d1d8edd265dc82_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

634441dbcf8511bd38d1d8edd265dc82_JaffaCakes118
Size

215KB
MD5

634441dbcf8511bd38d1d8edd265dc82
SHA1

cf103cc5da4d966c8d9ab9ad06293c08468b6ec4
SHA256

d43a3961b32300b68aa2528188b22085dbff2b0cab5238e790939094df116b59
SHA512

c1b58e872a7d2545cffc0463f7da0a88c0dd019a695910da1ebc4ab8c9c2f5e8e5778af4624cdbc4beac6e4de73709d1b893f455ea540fd8de2d75da0a3b96b2
SSDEEP

6144:4Vr8qQBPOXCxlomYqOKqStNXQxxq+D3AU6BkTN:3BPHkmYUr+xxq+DwU6STN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
634441dbcf8511bd38d1d8edd265dc82_JaffaCakes118

Files

634441dbcf8511bd38d1d8edd265dc82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a67df65a45dbe8f21aa6cf2897322a22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
PageSetupDlgA
GetSaveFileNameA
FindTextA
ReplaceTextW
GetFileTitleA
ChooseColorW
PrintDlgW
GetFileTitleW
FindTextW
ChooseFontW
GetOpenFileNameW
ChooseFontA
PageSetupDlgW
GetOpenFileNameA

gdi32

CloseEnhMetaFile
EqualRgn
SetLayout
RealizePalette
ExtFloodFill

wininet

InternetSetFilePointer

shell32

SHGetSpecialFolderLocation
InternalExtractIconListW
ShellAboutA
SHFileOperation
ShellExecuteExW
SHFileOperationW
FindExecutableA
ExtractIconExA
ShellHookProc
ShellExecuteExA
ExtractIconW
ExtractAssociatedIconW

kernel32

GetModuleHandleA
GetCurrentProcess
GetModuleFileNameA
QueryPerformanceCounter
GetLastError
RtlUnwind
InitializeCriticalSection
VirtualAlloc
GlobalFix
FreeEnvironmentStringsW
GetFileType
WriteConsoleW
GetProcAddress
GetModuleFileNameW
SetHandleCount
HeapCreate
GetEnvironmentStrings
HeapReAlloc
GetCommandLineA
MultiByteToWideChar
GetEnvironmentStringsW
WriteFile
GetVersion
lstrlen
TlsAlloc
InterlockedExchange
TlsFree
HeapAlloc
EnumSystemCodePagesW
GetFileSize
GetCurrentThreadId
SetLastError
UnhandledExceptionFilter
VirtualFree
IsBadWritePtr
ExitProcess
TerminateProcess
FreeEnvironmentStringsA
HeapDestroy
GetStartupInfoW
TlsSetValue
TlsGetValue
EnterCriticalSection
GetCurrentThread
GetCommandLineW
HeapFree
LeaveCriticalSection
GetSystemTimeAsFileTime
LoadLibraryA
VirtualQuery
GetTickCount
GetStdHandle
DeleteCriticalSection
GetStartupInfoA
GetCurrentProcessId

user32

IsIconic
GetQueueStatus
DefFrameProcA
GetClipboardFormatNameW
MsgWaitForMultipleObjectsEx
EnumDisplaySettingsExW
SetParent
SetWindowRgn
DialogBoxIndirectParamW
GetClassInfoW
DrawIcon

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a67df65a45dbe8f21aa6cf2897322a22

Headers

File Characteristics

Imports

comdlg32

gdi32

wininet

shell32

kernel32

user32

Sections

.text Size: 102KB - Virtual size: 102KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 102KB - Virtual size: 102KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 7KB - Virtual size: 7KB