81d57b627ca93d6bde1e9253e8d3f1a2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

81d57b627ca93d6bde1e9253e8d3f1a2_JaffaCakes118
Size

485KB
MD5

81d57b627ca93d6bde1e9253e8d3f1a2
SHA1

9db63d15004c9d17e6e21535bd4afdd58084c3be
SHA256

e5d3d8fe138b8cede764c97c61104c6970d0b3ba42cd36b3b60ad8365dcd29e4
SHA512

29472322d0617f64528ec46bf69fad5374b96db3f55f3830a25fc119a0bc725b6d0cb344d5c889b379aabeb8bc55c18f45460bd0f02c9cf727f5701e660b3020
SSDEEP

12288:ICwmfauiyfMQzsJeTw7wHS/tuK0q5oUcOpFSE1M6oMf:IsfaAkQzsLEy/ctq5++SE1M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81d57b627ca93d6bde1e9253e8d3f1a2_JaffaCakes118

Files

81d57b627ca93d6bde1e9253e8d3f1a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d5dc4d2e6469d99e8eb16d90e049da2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc
GdipCreateBitmapFromFile
GdipFree
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipCloneImage
GdiplusShutdown

kernel32

HeapSize
HeapReAlloc
HeapDestroy
GetLocaleInfoA
FreeLibrary
InitializeCriticalSection
LoadLibraryW
GetVersionExW
GetACP
RaiseException
InterlockedExchange
GetThreadLocale
GetProcAddress
DeleteCriticalSection
OutputDebugStringW
OutputDebugStringA
FindResourceExW
FindResourceW
LCMapStringA
LoadResource
LocalFree
GetVersionExA
GetTempFileNameW
lstrlenA
HeapAlloc
HeapFree
GetTickCount
GetProcessHeap
MultiByteToWideChar
GetTempPathW
GetLastError
GlobalGetAtomNameA
DeleteFileW
CopyFileExW
WideCharToMultiByte
CopyFileW
lstrlenW
SetFileAttributesW
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SizeofResource
LockResource

gdi32

GetFontData
DeleteObject

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

ole32

CoCreateInstance

shlwapi

PathFileExistsW
PathRemoveExtensionW
PathRelativePathToW
PathRemoveFileSpecW
PathFindExtensionW
PathIsRelativeW
PathFindFileNameW
PathIsDirectoryW
PathCanonicalizeW
PathAddExtensionW
PathAddBackslashW

user32

GetKeyState
KillTimer
SendMessageA
SetTimer
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
PostMessageA

Sections

.text
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 601KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d5dc4d2e6469d99e8eb16d90e049da2

Headers

File Characteristics

Imports

gdiplus

kernel32

gdi32

advapi32

ole32

shlwapi

user32

Sections

.text Size: 323KB - Virtual size: 322KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 154KB - Virtual size: 601KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 323KB - Virtual size: 322KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 154KB - Virtual size: 601KB

.rsrc
Size: 5KB - Virtual size: 8KB