000f58bb9af8fa2f8271886236a89ca0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

000f58bb9af8fa2f8271886236a89ca0_JaffaCakes118
Size

192KB
MD5

000f58bb9af8fa2f8271886236a89ca0
SHA1

bc94fbf0d6a3e49e4e2b0702c5dae8b243e07992
SHA256

4ac93cbc1c349a99cac392b621dd5de3091b59f0bba88fcd80af914138f5f1e2
SHA512

04fa50e433c3ec925a99f1d7144dd0ecfc142b2757cbb4c3c4032848b062f12086d061fb60c14fb9112ee1a86b88a538a55b1402e19c011c84ff5a21e54c4a84
SSDEEP

3072:2g39whEnfw5RsNp6DpWE11vzC6ox1vX6YOama4u2i1mFn8F+e5eYhRFAiYN9LxBn:Tih5Ri6lp11Ex1vDOn1Di1DMShRFQZFk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
000f58bb9af8fa2f8271886236a89ca0_JaffaCakes118

Files

000f58bb9af8fa2f8271886236a89ca0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c6254da931e23df1ba8f98781e27ae14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\train\train\Release\train.pdb

Imports

kernel32

GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
Sleep
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
SetStdHandle
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
HeapSize
LoadLibraryW
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
GetFileType
GetLastError
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetProcessHeap
HeapCreate
GetFileSize
HeapAlloc
FreeEnvironmentStringsW
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateFileW

user32

GetMenu
EnableMenuItem
LoadCursorA
InvalidateRect
GetWindow
GetParent
GetDC
LoadStringA
AppendMenuW
SetRect
FillRect
GetWindowLongA
LoadBitmapA
CreateWindowExW
LoadIconA
LoadBitmapW
UpdateWindow
EndPaint
ShowWindow
ReleaseDC
GetWindowInfo
PtInRect
EnumDisplayMonitors
GetDlgItem
GetWindowRect
GetCaretPos
SendMessageA
GetClientRect
SetMenu
DestroyMenu
SetFocus
BeginPaint
SetWindowLongW

gdi32

SelectObject
CreateSolidBrush
CreateCompatibleDC
SetBkMode
ExtFloodFill
MoveToEx
BitBlt
SetGraphicsMode
CreateEllipticRgn
DeleteDC
CreatePatternBrush
GetObjectA
TextOutW
DeleteObject

comdlg32

FindTextW
GetFileTitleW

advapi32

CryptAcquireContextA

shell32

SHGetFileInfoA
ord155
SHGetFileInfoW
SHGetFolderLocation
ExtractIconExA

oleaut32

SysAllocString

comctl32

ImageList_LoadImageA
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_Add
ImageList_Create
InitCommonControlsEx

gdiplus

GdiplusStartup
GdiplusShutdown

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 118KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6254da931e23df1ba8f98781e27ae14

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

gdiplus

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 118KB - Virtual size: 126KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 118KB - Virtual size: 126KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 7KB - Virtual size: 7KB