703e4b0ef5ef0b07453ecac6952b6ff5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

703e4b0ef5ef0b07453ecac6952b6ff5_JaffaCakes118
Size

167KB
MD5

703e4b0ef5ef0b07453ecac6952b6ff5
SHA1

478ef655aa07e5b8bca35678ae28607fa4033230
SHA256

c30b0323550f53eb232bce156994a6f677e6cc23168fdd9df93c1e503ed0efa7
SHA512

176382a9d318b2a9ccc85a7808062e288fefe5c6514289d17414f5e4dea0306e48081a9147df9cee00fe42c9576197e8cf758f81e7a8bf30fce092e495c1ed5c
SSDEEP

3072:DYmQHMT4KqkjTBo2zsHVHfTTuuvhtWomMlyfElq5Od/LLNO1ps1TR+:EmXoUs1rSuJkomvfInzLkM1TR+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
703e4b0ef5ef0b07453ecac6952b6ff5_JaffaCakes118

Files

703e4b0ef5ef0b07453ecac6952b6ff5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4d1d68026106d5c284793f49f7d3a9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDIBits
CreateDIBSection
GetObjectW
GetStockObject
StretchDIBits
RealizePalette
SelectPalette
SelectObject
SetStretchBltMode
CreateCompatibleDC
BitBlt

winmm

mixerGetLineControlsW
timeGetTime
waveInGetDevCapsW
waveInGetNumDevs
mixerOpen
mixerSetControlDetails
mixerClose
mixerGetControlDetailsW
mixerGetLineInfoW
mixerGetNumDevs
timeSetEvent
mixerGetDevCapsW

kernel32

LocalAlloc
CloseHandle
lstrcpynW
GetThreadPriority
PrivCopyFileExW
MultiByteToWideChar
InterlockedDecrement
CreateSemaphoreW
WaitForMultipleObjects
LocalFree
WriteFile
ProcessIdToSessionId
GetCurrentThread
GetThreadLocale
GlobalReAlloc
GetProcessId
GetCurrentThreadId
lstrcmpW
GlobalFree
VirtualFree
CreateEventW
GetSystemInfo
OutputDebugStringW
ResetEvent
GetSystemTimeAsFileTime
CreateThread
VirtualAlloc
QueryPerformanceCounter
InitializeCriticalSection
DuplicateHandle
GlobalUnlock
GlobalLock
EnumResourceTypesA
GetVersionExW
GetCurrentProcess
LoadLibraryW
lstrlenW
ReleaseSemaphore
DisableThreadLibraryCalls
GetTickCount
GetLastError
InterlockedExchange
GetACP
GetProcAddress
SetThreadPriority
Sleep
InterlockedIncrement
SetEvent
FreeLibrary
GetCurrentProcessId
CreateFileW
lstrcmpiW
ExitProcess
GlobalAlloc
GetModuleFileNameW
RaiseException
GetLocaleInfoA
GetModuleHandleW
LeaveCriticalSection
lstrcpyW
GetVersionExA
DeleteCriticalSection
lstrlenA
WaitForSingleObject
EnterCriticalSection
GetModuleFileNameA

user32

ReleaseDC
PeekMessageW
DispatchMessageW
GetWindowRect
IsWindowVisible
PostThreadMessageW
EnableWindow
KillTimer
wsprintfW
GetQueueStatus
GetDC
wvsprintfW
UnregisterClassA
SetParent
UnregisterClassW
RegisterWindowMessageW
SetTimer
TranslateMessage
MsgWaitForMultipleObjects

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipAlloc
GdipCreateBitmapFromStream
GdipFree
GdiplusShutdown
GdipGetImageThumbnail
GdiplusStartup
GdipDisposeImage
GdipCloneImage

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4d1d68026106d5c284793f49f7d3a9a

Headers

File Characteristics

Imports

gdi32

winmm

kernel32

user32

gdiplus

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 61KB - Virtual size: 60KB

.tls Size: 1024B - Virtual size: 88KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 61KB - Virtual size: 60KB

.tls
Size: 1024B - Virtual size: 88KB