643c88786fc14d56314894be4caa5d91_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

643c88786fc14d56314894be4caa5d91_JaffaCakes118
Size

434KB
MD5

643c88786fc14d56314894be4caa5d91
SHA1

cb8e8e3931aeed77524538a8b103996edf20d426
SHA256

43b3ba5259958427ef113b2ad4f649b37b5bdfe077075e9ce6ad6407cf46e889
SHA512

3b8cf394aedd3823f94d3b839bdabe939c0262157e644dfea00079caf67adb1f80ba2a7339ad132924c82a8b5ca4ed0173b9161253c0afc638ceaa716c4f7e90
SSDEEP

12288:tZs6iicM9ZDDUAEbnE6/v6pgbn6NOql3tHAdINk0YrqfDcGA3g2W2ctQzX:jzlYr6cGA3gXC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
643c88786fc14d56314894be4caa5d91_JaffaCakes118

Files

643c88786fc14d56314894be4caa5d91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa3a0f7311db4748c34fe4ab0baf0412

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SaveDC
SelectObject
PlayMetaFileRecord
PolyTextOutW
GetCharacterPlacementW
DescribePixelFormat
GetWorldTransform
SetBitmapBits
GetClipRgn
FrameRgn
RectInRegion
SetMiterLimit
SelectClipPath
SelectClipRgn
GetTextExtentPoint32A
GetMetaFileBitsEx
GetTextExtentExPointA
ResizePalette
AddFontResourceW
CreateScalableFontResourceW
GetEnhMetaFileHeader
ChoosePixelFormat
GetBkColor
OffsetWindowOrgEx

comdlg32

ChooseFontA
ReplaceTextW
ChooseColorW
ReplaceTextA
ChooseFontW
GetOpenFileNameA
PrintDlgW
LoadAlterBitmap
GetSaveFileNameW
PrintDlgA

shell32

SheChangeDirExW
RealShellExecuteExA
CommandLineToArgvW
CheckEscapesW
RealShellExecuteW
ExtractAssociatedIconW
DragQueryFileAorW
SHInvokePrinterCommandA
RealShellExecuteExW
SHGetNewLinkInfo
ShellExecuteExW
DragQueryFileW
ExtractIconA
DuplicateIcon

wininet

ResumeSuspendedDownload

kernel32

TerminateProcess
FillConsoleOutputAttribute
GetModuleFileNameW
GetTickCount
ExitProcess
VirtualAlloc
InitializeCriticalSection
GetPrivateProfileSectionNamesA
CompareStringW
HeapDestroy
IsValidCodePage
CreateFileMappingA
CompareStringA
InterlockedExchange
HeapValidate
GetVolumeInformationW
WideCharToMultiByte
GetTimeFormatA
GetCurrentProcess
GetEnvironmentStrings
GetStdHandle
EnumSystemLocalesA
Sleep
SetEvent
HeapReAlloc
ExitThread
GetLocaleInfoW
GetCommandLineW
GetDateFormatA
VirtualQuery
VirtualAllocEx
GetModuleFileNameA
CreateProcessW
SetEnvironmentVariableA
GetStartupInfoW
LCMapStringW
LeaveCriticalSection
GetCurrentThreadId
GetProcAddress
FreeEnvironmentStringsW
SetConsoleTextAttribute
HeapSize
GetEnvironmentStringsW
GetLocaleInfoA
VirtualProtect
GetSystemTimeAsFileTime
LoadLibraryA
GetNamedPipeHandleStateW
GetCommandLineA
GetProfileIntW
GetCPInfo
ReadConsoleOutputA
SetLastError
IsValidLocale
QueryPerformanceCounter
GetLastError
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoA
HeapCreate
LCMapStringA
TlsGetValue
GetStringTypeW
TlsSetValue
EnterCriticalSection
GetProcAddress
GetTimeZoneInformation
GetCurrentThread
GetStringTypeA
GetUserDefaultLCID
GetCurrentProcessId
HeapAlloc
GetConsoleScreenBufferInfo
GetFileAttributesW
VirtualFree
FreeEnvironmentStringsA
EnumCalendarInfoExA
TlsAlloc
RtlUnwind
WriteFile
GetACP
lstrcat
EnumCalendarInfoW
UnhandledExceptionFilter
TlsFree
IsBadWritePtr
SetHandleCount
GetFileType
GetOEMCP
HeapFree
GetVersionExA
VirtualFreeEx
GetSystemInfo
MultiByteToWideChar

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa3a0f7311db4748c34fe4ab0baf0412

Headers

File Characteristics

Imports

gdi32

comdlg32

shell32

wininet

kernel32

Sections

.text Size: 155KB - Virtual size: 155KB

.data Size: 274KB - Virtual size: 295KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 155KB - Virtual size: 155KB

.data
Size: 274KB - Virtual size: 295KB

.rsrc
Size: 4KB - Virtual size: 3KB