78269843d7380e8412a02ec977cf664a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

78269843d7380e8412a02ec977cf664a_JaffaCakes118
Size

184KB
MD5

78269843d7380e8412a02ec977cf664a
SHA1

c8d89d8a237e430a7ec5906a5ed8d0c840537bcb
SHA256

9a4e2b892e38c13f3e3fe0cfa0263142fdfe5cf599421ce268b26a5849e711e0
SHA512

933b41a6bcf3b46091ba928df4b27a2b5c45341c09f6ea5cb18e2f7b16c443f67d40c8d6c4b301975969d3d36b93b266e0acd0a7780e3325307e236d00b9cc80
SSDEEP

3072:bMBnzv3lkEn8Nc/m1LFAENzpZ9PfXbPAC1/3oRcBzO+rhmDsSrtCY00l70h:bMBNlmFXrPjACRov+rhmjCx0pW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78269843d7380e8412a02ec977cf664a_JaffaCakes118

Files

78269843d7380e8412a02ec977cf664a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b77565a016d63e246e5a88b039ab366d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
GetProcAddress
GetModuleHandleA
ExitProcess
GetLastError
VirtualAllocEx
VirtualFreeEx
LocalLock
GetCommandLineA
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
GetLocaleInfoA
VirtualFree
VirtualQuery
InterlockedExchange
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapFree
HeapCreate
RtlUnwind
GetStartupInfoA
GetVersionExA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
GetSystemInfo

user32

DefWindowProcA
LoadAcceleratorsA
CreateWindowExA
ShowWindow
SendMessageA
BeginPaint
EndPaint
PostQuitMessage
FindWindowA
GetDesktopWindow
IsWindowVisible

gdi32

GetPixel

shell32

SHFileOperationA

psapi

GetProcessMemoryInfo

msvfw32

ICCompressorFree
DrawDibRealize
DrawDibDraw

gdiplus

GdiplusShutdown
GdipCreateFromHDC
GdipAlloc
GdiplusStartup
GdipFree

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sec
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsec
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsec
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsec
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hsec
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.�sec
Size: 4KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b77565a016d63e246e5a88b039ab366d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

psapi

msvfw32

gdiplus

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 24KB

.rsrc Size: 100KB - Virtual size: 96KB

.sec Size: 4KB - Virtual size: 256B

.rsec Size: 4KB - Virtual size: 256B

.dsec Size: 4KB - Virtual size: 256B

.lsec Size: 4KB - Virtual size: 256B

.hsec Size: 4KB - Virtual size: 256B

.�sec Size: 4KB - Virtual size: 84KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 100KB - Virtual size: 96KB

.sec
Size: 4KB - Virtual size: 256B

.rsec
Size: 4KB - Virtual size: 256B

.dsec
Size: 4KB - Virtual size: 256B

.lsec
Size: 4KB - Virtual size: 256B

.hsec
Size: 4KB - Virtual size: 256B

.�sec
Size: 4KB - Virtual size: 84KB