9505deddf96eafb1503aa323f8e4c786_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9505deddf96eafb1503aa323f8e4c786_JaffaCakes118
Size

184KB
MD5

9505deddf96eafb1503aa323f8e4c786
SHA1

f5f4cd4f6db1273a97e53737c68b9a668867d0e7
SHA256

a258b2f2d407ea18c1b47ea62d60f201b24f1584640ca22c4940293cea2fe1f7
SHA512

9cf3d730ff8204ea63c68cfda3aef377d58929e7ecfb77a29b12ca6da40e1873cbb4700e7b63b57154bb887bd22755bbb0c63eb5febdc7d55b3e192d8f3c1349
SSDEEP

3072:lqVbNl7JAHZvZMwNcd/ZollWEQyk5A6WI2NgreG754:4z1dBKlvQf5jWfgres4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9505deddf96eafb1503aa323f8e4c786_JaffaCakes118

Files

9505deddf96eafb1503aa323f8e4c786_JaffaCakes118
.exe windows:4 windows x86 arch:x86

435c6569a56bc109b18e4bb604837475

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetLastError
GetCurrentProcessId
LocalSize
GetTickCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
VirtualProtect
MultiByteToWideChar
LCMapStringA
ResetEvent
GetCurrentThreadId
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
GetCPInfo
VirtualAlloc
LoadLibraryA
LCMapStringW
VirtualFree
GetOEMCP
GetACP
HeapReAlloc
HeapAlloc
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetFileType
GlobalLock
GetSystemInfo
SetHandleCount
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW

user32

PostQuitMessage
ShowWindow
DestroyWindow
EndPaint
LoadCursorA
LoadBitmapA
GetDesktopWindow
GetDC
IsIconic
GetCursorPos
SetCursorPos
GetWindowRect
LoadIconA

gdi32

FloodFill
SelectObject
PatBlt

shell32

SHGetMalloc
SHFileOperationA

psapi

GetModuleBaseNameA

msvfw32

DrawDibStop
DrawDibEnd

avifil32

AVIFileInit

shlwapi

StrStrA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

435c6569a56bc109b18e4bb604837475

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

psapi

msvfw32

avifil32

shlwapi

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 144KB - Virtual size: 230KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 144KB - Virtual size: 230KB