a04437a0e8b7ff8494a61e5255dce20a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a04437a0e8b7ff8494a61e5255dce20a_JaffaCakes118
Size

525KB
MD5

a04437a0e8b7ff8494a61e5255dce20a
SHA1

b8db26b29ce4ffd17c1080d06f35c7ea363f9da3
SHA256

15123d727b8d49a931a4aea5ae511fb25914a4e8e2fb6156bea71954befe48a1
SHA512

b38d40885ae303ccef4b5804db8a66dde95e1dbec6a1546148358ec60d138f7971f5500fdb9358c9788b1cda99ab535b7f57b693047991c4d8c95ca9e5460742
SSDEEP

12288:JvzGIgT4zSR2/oViyhJ0dnNpS30V1C9AqgmJ/v0:QIO4zSk/OLhJI60V1C93bv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a04437a0e8b7ff8494a61e5255dce20a_JaffaCakes118

Files

a04437a0e8b7ff8494a61e5255dce20a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0c4cbc5fa62bf2acc572a386857f3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

kernel32

TerminateThread
ReadFile
OutputDebugStringW
SetEndOfFile
WaitForSingleObject
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
LoadLibraryA
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
SetEvent
WaitForMultipleObjects
FindAtomA
GetLocalTime
GetCurrentThreadId
FreeEnvironmentStringsA

user32

GetKeyState
IsWindow
CreateIconIndirect
GetDC
ReleaseDC
KillTimer
PostMessageW
GetClientRect

gdi32

BitBlt
GetDIBits
ResetDCW
PlayEnhMetaFile
DeleteEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
EndPage
StartPage
EndDoc
StartDocW
RealizePalette
StretchBlt
SelectPalette
CreateHalftonePalette
GetDIBColorTable
DPtoLP
SetDIBitsToDevice
GetStockObject
CreateSolidBrush
GetNearestPaletteIndex
CreatePalette
StretchDIBits
SetStretchBltMode
CreateCompatibleBitmap
DeleteDC
SelectObject
SetBitmapBits
CreateBitmap
CreateCompatibleDC
GetFontData
DeleteObject
GetDeviceCaps

gdiplus

GdipAlloc
GdipCreateBitmapFromFile

comdlg32

PrintDlgW

winmm

timeKillEvent
waveOutWrite
waveOutUnprepareHeader
waveOutPause
waveOutReset
waveOutClose
waveOutOpen
waveOutPrepareHeader
timeSetEvent

ws2_32

WSARecv
WSAResetEvent
WSAGetOverlappedResult
WSASend
WSAAccept
WSACloseEvent
WSAWaitForMultipleEvents
WSAEventSelect
WSACreateEvent
WSASendTo
WSASocketW
WSAEnumNetworkEvents

advapi32

RegQueryValueExW
RegQueryInfoKeyW
RegCloseKey
RegCreateKeyExW

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae0c4cbc5fa62bf2acc572a386857f3d

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

gdiplus

comdlg32

winmm

ws2_32

advapi32

Sections

.text Size: 296KB - Virtual size: 295KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 140KB - Virtual size: 473KB

.rsrc Size: 85KB - Virtual size: 88KB

.text
Size: 296KB - Virtual size: 295KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 140KB - Virtual size: 473KB

.rsrc
Size: 85KB - Virtual size: 88KB