701727010d29fceb36fafe3384450903_JaffaCakes118

General

Target

701727010d29fceb36fafe3384450903_JaffaCakes118
Size

225KB
MD5

701727010d29fceb36fafe3384450903
SHA1

d3301878d4c0f6703227dff5c90da4291f3b8e5e
SHA256

f31bbffec9e2f5bc6ec20b2a0048129f9a2a28ba37be039151419a5db70d0c36
SHA512

a833a05b0ae7222365b5a7b64d8674ef9270d7287d7092732710614fdb2d5ba45f4b6d291ac2489d67372bc7bacb3ae7fefc930957865ca3246b6761b600b2ba
SSDEEP

3072:zFbS3XdSEIBBrLjKIc7KCe/k9oSANBHyMvfmkUEy3rNCMszaUtOOxMiJJl1M4:zFbQdSEIBxLjKJ7G6ANwMXmL4rtzxX3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
701727010d29fceb36fafe3384450903_JaffaCakes118

Files

701727010d29fceb36fafe3384450903_JaffaCakes118
.exe windows:5 windows x86 arch:x86

def8996df8da708d3d9424fe511c8bfa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CoInitialize

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WideCharToMultiByte

gdi32

DeleteDC
DeleteMetaFile
DeleteObject
BitBlt
ExcludeClipRect
CloseMetaFile
GetDeviceCaps
GetObjectA
GetStockObject
CreateCompatibleBitmap
CreateCompatibleDC
LPtoDP
CreateDCA
RestoreDC
SaveDC
SelectObject
SetMapMode
SetStretchBltMode
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchBlt
CreateMetaFileA
CreateRectRgnIndirect
CreateSolidBrush

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

def8996df8da708d3d9424fe511c8bfa

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

gdi32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 17KB - Virtual size: 32KB

.reloc Size: 10KB - Virtual size: 12KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 17KB - Virtual size: 32KB

.reloc
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 10KB - Virtual size: 12KB