65d69042338e4d29659e92a95025f000_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

65d69042338e4d29659e92a95025f000_JaffaCakes118
Size

343KB
MD5

65d69042338e4d29659e92a95025f000
SHA1

72fc050c9890f0ea270c8f41fcf58327dd3a218e
SHA256

1c1c5bf9e5667deeb1ad6624cbd8260e6d8ebca5578479b18bd1c22aa4a8004d
SHA512

9956a30dcbbd789a63cb8f6069c500a635a9ea9942904e8c6e65c9c82fb76816049745aa984eefe5f5cea5ac4e6f0652d8cde957dbeb50ec25d5f085a47e1dba
SSDEEP

3072:m8lh2KFgyBVdbMnAlfWB2nchCHSI9g+i+DB7SrNQ+sC8SrICyVRDPM8DsWjEdbf:m8lh2KFzbZUUKQY8SrLIPM5WKj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65d69042338e4d29659e92a95025f000_JaffaCakes118

Files

65d69042338e4d29659e92a95025f000_JaffaCakes118
.exe windows:1 windows x86 arch:x86

86b94f8501673e5a2f563166a77872fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

UnhandledExceptionFilter
WriteFile
TlsFree
GetEnvironmentStrings
GetProcAddress
GetModuleFileNameA
GetModuleHandleA
TlsSetValue
GlobalMemoryStatus
CreateFileA
LeaveCriticalSection
SetFilePointer
GetLastError
RaiseException
VirtualFree
GetStartupInfoA
VirtualAlloc
CloseHandle
TlsGetValue
GetFileAttributesA
InitializeCriticalSection
GetVersionExA
SetHandleCount
EnterCriticalSection
TlsAlloc
GetLocalTime
ExitProcess
SetConsoleCtrlHandler
RtlUnwind
GetFileType
GetCommandLineA
GetVersion
GetStdHandle
VirtualQuery
GetCurrentThreadId

gdi32

TextOutA
SetTextColor
SelectObject
GetTextMetricsA
GetStockObject
DeleteObject
DeleteDC
CreateFontA
CreateCompatibleDC
BitBlt
SetBkColor

user32

GetDlgItemInt
GetDlgItem
GetDC
EnumThreadWindows
EndPaint
EndDialog
DispatchMessageA
DialogBoxParamA
DestroyWindow
DefWindowProcA
CreateWindowExA
FindWindowA
BeginPaint
TranslateMessage
UpdateWindow
GetMessageA
ShowWindow
ShowCursor
SetWindowTextA
SetTimer
SendMessageA
ReleaseDC
RegisterClassExA
PostQuitMessage
MessageBoxA
LoadIconA
LoadCursorA
SetWindowPos
LoadBitmapA
GetWindowRect
GetSystemMetrics

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86b94f8501673e5a2f563166a77872fa

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

Exports

Exports

Sections

CODE Size: 27KB - Virtual size: 28KB

DATA Size: 5KB - Virtual size: 264KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.rsrc Size: 248KB - Virtual size: 248KB

.debug Size: 56KB - Virtual size: 60KB

CODE
Size: 27KB - Virtual size: 28KB

DATA
Size: 5KB - Virtual size: 264KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 248KB - Virtual size: 248KB

.debug
Size: 56KB - Virtual size: 60KB