8d1795e644e9b565380f5d4f52a8b1bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d1795e644e9b565380f5d4f52a8b1bf_JaffaCakes118
Size

435KB
MD5

8d1795e644e9b565380f5d4f52a8b1bf
SHA1

eeb98a7d5ff801f42bca77c5b97818b21a982768
SHA256

5e584cd18ac7f660b43fd093051f82b51e3954845f4d4c851753ebd9492b1975
SHA512

a8c756bc8bf18ba85b5402d07c2fbb5e5c73e8d883aabbfe31bda21aadb16add5ce3f245819a269b3aa38a4d69f353fd3d1f39e49fe6236d9fc47ca1505ddb09
SSDEEP

6144:D/v47u6lXK3TvHUSFblxjkItIeJeSmRY1yyaZCU8krsRffpm4eu7cJ/6rx9Sooi9:DW1BKrHUSlIIbeSmRYLaHQfRHMJibrH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d1795e644e9b565380f5d4f52a8b1bf_JaffaCakes118

Files

8d1795e644e9b565380f5d4f52a8b1bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d55ca7f8fbf28993b07ac7ac361c2d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextJustification
Rectangle
GetBitmapBits
CreatePen
SetLayout
GetRegionData
ExtTextOutA
CreateScalableFontResourceW
SetViewportExtEx
SetICMProfileA
SwapBuffers
CreateDiscardableBitmap

kernel32

UnhandledExceptionFilter
GetOEMCP
HeapReAlloc
GetACP
GetStartupInfoA
IsValidLocale
GetLastError
FlushFileBuffers
FreeEnvironmentStringsA
GetDateFormatA
InitializeCriticalSection
VirtualFree
TlsAlloc
HeapCreate
SetLastError
ExitProcess
CompareStringA
OpenMutexA
VirtualQuery
WriteFile
LeaveCriticalSection
HeapSize
SetFilePointer
GetCurrentThreadId
VirtualAlloc
LoadLibraryA
GetCurrentProcess
SetStdHandle
IsValidCodePage
GetLocaleInfoW
GetUserDefaultLCID
GetEnvironmentStrings
QueryPerformanceCounter
SetHandleCount
TerminateProcess
VirtualProtect
lstrcpyA
SetEnvironmentVariableA
GetVersionExA
TlsFree
IsBadWritePtr
GetModuleHandleA
ReadFile
GetProcAddress
GetStdHandle
GetTimeZoneInformation
DeleteCriticalSection
CompareStringW
FreeEnvironmentStringsW
MultiByteToWideChar
EnterCriticalSection
EnumSystemLocalesA
GetTickCount
GetFileType
GetTimeFormatA
TlsSetValue
GetEnvironmentStringsW
GetCommandLineW
GetCPInfo
GetCurrentProcessId
GetStringTypeW
SetConsoleCtrlHandler
GetStringTypeA
GetModuleFileNameA
SetTimeZoneInformation
GetCommandLineA
LCMapStringW
GetLocaleInfoA
CloseHandle
GetSystemInfo
GetSystemTimeAsFileTime
WideCharToMultiByte
GetCurrentThread
GetModuleFileNameW
RtlUnwind
HeapDestroy
InterlockedExchange
TlsGetValue
CreateMutexA
LCMapStringA
GetStartupInfoW
HeapFree
HeapAlloc

shell32

SHInvokePrinterCommandW
SHGetFileInfoA

user32

GetClassInfoA
WinHelpW
GetProcessWindowStation
WindowFromPoint
ChangeMenuA
RegisterClassExA
SendDlgItemMessageW
RegisterClassA
LoadAcceleratorsW

comctl32

InitCommonControlsEx

wininet

InternetGetConnectedStateExW
InternetSetOptionA
FindNextUrlCacheEntryExW
HttpOpenRequestW

comdlg32

ChooseFontA
FindTextA
PageSetupDlgA

Sections

.text
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d55ca7f8fbf28993b07ac7ac361c2d9

Headers

File Characteristics

Imports

gdi32

kernel32

shell32

user32

comctl32

wininet

comdlg32

Sections

.text Size: 203KB - Virtual size: 203KB

.rdata Size: 8KB - Virtual size: 29KB

.data Size: 210KB - Virtual size: 209KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 203KB - Virtual size: 203KB

.rdata
Size: 8KB - Virtual size: 29KB

.data
Size: 210KB - Virtual size: 209KB

.rsrc
Size: 12KB - Virtual size: 12KB