848be8dd48267e48622b92d5c21ad9b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

848be8dd48267e48622b92d5c21ad9b1_JaffaCakes118
Size

503KB
MD5

848be8dd48267e48622b92d5c21ad9b1
SHA1

71c6de0be8b43efaf9775da676efc40d4013e0c9
SHA256

a37842d7ee0df3dc4232e14082592f1bc117e7770bcd27de6e6428c444f0adf3
SHA512

53b09b0b77f4b85e833a72df3c9cfc003dcf07003db2d9366122b8f91d8cd22f2a12bf607cb9099781821810782a170dba3ac5da6595837ed3870f79a4557f29
SSDEEP

12288:KFHV66GWhw/q4nNOp0K58pNEgz28HfoDchqpJp9t:A16pWh8qklgGSo/oDUyT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
848be8dd48267e48622b92d5c21ad9b1_JaffaCakes118

Files

848be8dd48267e48622b92d5c21ad9b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd1b58dfda5ec843070519e066e7ce79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
InitializeCriticalSection
EnterCriticalSection
Sleep
QueryPerformanceCounter
GetModuleFileNameW
FreeLibrary
GetProcAddress
VirtualProtect
VirtualProtect
ReadFile
GetModuleHandleW
GetModuleFileNameA
EnterCriticalSection
InterlockedCompareExchange
lstrlenA
LocalFree
LocalFree
ReadFile
HeapDestroy
GetLastError
GetVersionExA
GetModuleHandleW
GetModuleHandleA
HeapDestroy
GetModuleFileNameA
GetCurrentProcess
Sleep
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryW
HeapAlloc
GetModuleHandleW
InterlockedExchange
LocalAlloc
GetCurrentProcess
InterlockedCompareExchange
FreeLibrary
Sleep
LoadLibraryW
GetModuleFileNameA
EnterCriticalSection
CreateThread
LoadLibraryA
LocalFree
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
GetProcAddress
VirtualProtect
GetModuleHandleW
VirtualAlloc
GetLastError
CreateThread
LoadLibraryA
VirtualProtect
GetCurrentProcess
GetCurrentThreadId
InterlockedDecrement
InterlockedCompareExchange

gdi32

SetBkColor
BitBlt
GetBrushOrgEx
SetBkMode
CreateRectRgn
Polygon
SetBrushOrgEx
CreateDIBSection
PatBlt
GetBkColor
CreateRectRgn
LineTo
GetBkMode
CreateDIBSection
GetBkMode
SetBkMode
SelectObject
GetCurrentObject
SetBrushOrgEx
CreateDIBSection
CreateFontIndirectA
GetCurrentObject
BitBlt
CreateSolidBrush
CreateBitmapIndirect
BitBlt
CreateDIBSection
GetPixel
BitBlt
Polygon
CreateBitmapIndirect
SetPixel
SelectObject
SetPixel
BitBlt
LineTo
MoveToEx
GetBkColor
CreateFontIndirectA
SetBkMode
CreateBitmap
CreatePen
GetCurrentObject
SetBkMode
StretchBlt
BitBlt
RoundRect
CreateBitmap
SelectObject
SetWindowOrgEx
CreateBitmapIndirect
GetWindowOrgEx
Ellipse
GetCurrentObject
CreateFontA

Sections

.text
Size: 498KB - Virtual size: 960KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd1b58dfda5ec843070519e066e7ce79

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 498KB - Virtual size: 960KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 498KB - Virtual size: 960KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB