722c18c4036a1cd2f7d37d8550391373_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

722c18c4036a1cd2f7d37d8550391373_JaffaCakes118
Size

378KB
MD5

722c18c4036a1cd2f7d37d8550391373
SHA1

8b9bce751c5a52f6f728f3e056e5cc558d289eaf
SHA256

6ef8e405d57130d6648e65494d8c03a8a16ae647137d9726ed004061ae49ec4a
SHA512

b78c08fadebbf50f86fc4e353565f0c8d5540cf2d247704702b6d061e3c990e6f7686e716e479d99478dc78f576be5db5ad3e2233c14c50b14fbf08b3d2d61e8
SSDEEP

6144:q48I7ejvLDi8/ZICG7nHszMj9VK14XFjyUfz6iH30xbJIKPYvMEcYB0j:n6vxZICGrMzcLK1ylZf5CJvtUA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
722c18c4036a1cd2f7d37d8550391373_JaffaCakes118

Files

722c18c4036a1cd2f7d37d8550391373_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a43a1239a27b2f0ade606f96b8d93dcf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\odtd

Imports

gdi32

GetBkMode
GetMetaFileW
AnimatePalette
UpdateICMRegKeyW
GetMapMode
GetClipBox
GdiGetBatchLimit
ResizePalette
GetGlyphOutlineW
GetTextExtentExPointA
SetRectRgn

kernel32

EnumSystemLocalesA
ExitProcess
GetSystemTimeAsFileTime
SetEndOfFile
GetLocaleInfoA
GetConsoleCP
GetSystemDefaultLCID
GetStringTypeW
SetHandleCount
GetFileType
CreateFileA
FreeLibrary
Sleep
GetStringTypeA
EnterCriticalSection
AddAtomW
WaitCommEvent
HeapSize
GetCurrentThread
GetModuleHandleA
GetOEMCP
InterlockedDecrement
TlsAlloc
SetUnhandledExceptionFilter
GetPrivateProfileSectionW
GetCPInfo
SetStdHandle
CompareStringA
GetUserDefaultLCID
TlsFree
GetCurrentProcess
DeleteCriticalSection
GetStartupInfoA
GetLocaleInfoW
GetACP
IsValidCodePage
CompareStringW
GetConsoleOutputCP
IsDebuggerPresent
SetLastError
WaitForDebugEvent
GetTickCount
GetCommandLineW
CreateMutexA
FindAtomA
VirtualAlloc
FreeEnvironmentStringsW
GetProcAddress
FlushFileBuffers
LCMapStringW
HeapAlloc
LCMapStringA
HeapReAlloc
CloseHandle
MoveFileExA
TlsGetValue
IsValidLocale
GetCurrentProcessId
GetTimeFormatA
GetStdHandle
FreeEnvironmentStringsA
QueryPerformanceCounter
SetConsoleCtrlHandler
HeapFree
CreateFileMappingA
InterlockedExchange
GetModuleHandleW
SetEnvironmentVariableA
WideCharToMultiByte
GetTimeZoneInformation
TlsSetValue
GetCommandLineA
SetFilePointer
WriteConsoleW
GetConsoleMode
HeapDestroy
GetLastError
VirtualQuery
RtlUnwind
FindFirstFileExA
GetConsoleTitleW
WriteConsoleA
GetCurrentThreadId
GetStartupInfoW
GetDateFormatA
HeapCreate
VirtualFree
TerminateProcess
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
GetModuleFileNameW
ReadFile
EnumResourceTypesA
LoadLibraryA
LeaveCriticalSection
GetShortPathNameW
InterlockedIncrement
OpenMutexA
WriteFile
MultiByteToWideChar
GetEnvironmentStringsW

comctl32

InitCommonControlsEx

user32

GetWindowLongW
RegisterClassA
SetScrollInfo
RegisterClassExA
ChangeDisplaySettingsExW
GetUserObjectInformationW

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a43a1239a27b2f0ade606f96b8d93dcf

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

comctl32

user32

Sections

.text Size: 243KB - Virtual size: 243KB

.rdata Size: 28KB - Virtual size: 36KB

.data Size: 95KB - Virtual size: 95KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 243KB - Virtual size: 243KB

.rdata
Size: 28KB - Virtual size: 36KB

.data
Size: 95KB - Virtual size: 95KB

.rsrc
Size: 10KB - Virtual size: 10KB