65cab3bf8f431625cca17c3e98d53545_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

65cab3bf8f431625cca17c3e98d53545_JaffaCakes118
Size

40KB
MD5

65cab3bf8f431625cca17c3e98d53545
SHA1

513f98fbcff3c1a8485196fdfbaa7952af77e772
SHA256

3827e1c85cf37d15169878e2da5ca0042b6842d3731b7d9376a199ac54532854
SHA512

ed9e570e31997e4266495343ede9188d80371dd4f1353085318374565423f60ed6193e039ca40ac68f40461f6876e07aa156a2373f87bfdc4bb3791f21494cd7
SSDEEP

768:eYhF67KBqHoCjhWRm5JlBWmgBzszomxCxanBcdy:eYkKsHoCNMuPazszVBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65cab3bf8f431625cca17c3e98d53545_JaffaCakes118

Files

65cab3bf8f431625cca17c3e98d53545_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bc1d058443071a6ccfb252907bd7b18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetEnhMetaFilePaletteEntries
RectInRegion
CreateFontIndirectW
ScaleViewportExtEx
SetROP2
CreatePatternBrush
LineTo
GetGlyphOutlineA
GdiFlush
GetLogColorSpaceA
GetNearestPaletteIndex
SetBkMode
GetCharWidthA
GetCharABCWidthsW
PtVisible
CreateScalableFontResourceA
GetEnhMetaFileDescriptionW
CreateCompatibleBitmap
GetGlyphOutlineW
GetWindowExtEx
GetPaletteEntries
GetGraphicsMode

user32

CloseClipboard
CountClipboardFormats
GetClassNameW
DdeGetLastError
CharToOemA
CallNextHookEx
GetDC
CharPrevA
EqualRect
CharUpperBuffW
GetClassLongA
CreateWindowExA
GetClipboardFormatNameW

msvcrt

_inp
__argv
_ismbbalnum
_wtol
_mktemp
iswdigit
__STRINGTOLD
_cabs
_wcsicoll
_lseeki64
isleadbyte
wcstoul
__argc
_mbbtype
_waccess
strxfrm
wcsspn
_mkdir
_strrev
_futime64
sprintf
fmod
_winver
__p__fileinfo
_jn
mktime
fsetpos
_makepath
fread
strtok
fopen
_isctype
_wsystem
_pctype
_filbuf
_lsearch
_ismbbkpunct
_kbhit
strcpy

kernel32

VerLanguageNameW
WriteFileEx
GetLocalTime
VirtualAlloc
GetProcessHeap
GetHandleInformation
SetDefaultCommConfigW
lstrcmpiA
lstrcatW
GetModuleHandleA
GetProfileIntW
FindFirstChangeNotificationW
GlobalFlags
PurgeComm
GetLastError
lstrlenA
GlobalAddAtomA
CreateDirectoryA
lstrcatA
WaitForSingleObjectEx
VirtualAlloc
Sleep
FatalAppExitW
FileTimeToLocalFileTime
GlobalMemoryStatus
SignalObjectAndWait
DisableThreadLibraryCalls
VDMConsoleOperation
VirtualFree
LockFileEx
ExitProcess
SetConsoleInputExeNameA
GetConsoleAliasExesLengthW
SetCommState
Sleep
GetCurrentThreadId
GetModuleHandleA
QueryPerformanceFrequency
Process32Next
lstrcmpA
InterlockedCompareExchange
lstrcmpW
GetStartupInfoA
GetConsoleOutputCP
GetEnvironmentVariableA
ReadConsoleOutputCharacterA
QueryDosDeviceW
SetConsoleCP
RemoveDirectoryW

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lol
Size: 13KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nfk
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.etnr
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bc1d058443071a6ccfb252907bd7b18

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

msvcrt

kernel32

Sections

.text Size: 5KB - Virtual size: 6KB

.lol Size: 13KB - Virtual size: 18KB

.nfk Size: 7KB - Virtual size: 18KB

.etnr Size: 13KB - Virtual size: 21KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 6KB

.lol
Size: 13KB - Virtual size: 18KB

.nfk
Size: 7KB - Virtual size: 18KB

.etnr
Size: 13KB - Virtual size: 21KB

.reloc
Size: 1024B - Virtual size: 1KB