Static task: static1
Behavioral task: behavioral1
Sample: b3164cfd3dd0aae3c04a54087488579f_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b3164cfd3dd0aae3c04a54087488579f_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b3164cfd3dd0aae3c04a54087488579f_JaffaCakes118
Size: 608KB
MD5: b3164cfd3dd0aae3c04a54087488579f
SHA1: fd50b9ae1fca875e3d22c15c39ed3e67887755ca
SHA256: 61e35085cf7f3c716b9adaf883ed36800d43fba072479b7849c53b485031dc03
SHA512: 7a404be3c375f143953aae321e9c2dd906498a1c55d01ed04b8f657db4f67ba4a88e9b0362be8bb83f72fc9dac6d0ff8b69501e00f67b9522b22e88dda1adfa7
SSDEEP: 12288:iOU8j94DiA2XhDOdlMu/qSdC2Hp3YzdbReOZYZq3QIIBlwmPvxew+Bx8G:ADMu/FcWod0E6wmPvxeRx8G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b3164cfd3dd0aae3c04a54087488579f_JaffaCakes118
Files
b3164cfd3dd0aae3c04a54087488579f_JaffaCakes118.exe windows:4 windows x86 arch:x86
fdc9004047da1c89af4c66f01f41043a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comdlg32
ChooseFontW
gdi32
CombineRgn
CreateRectRgnIndirect
PolyTextOutA
CloseMetaFile
RemoveFontResourceA
GetTextExtentPointW
DeleteEnhMetaFile
GetMetaRgn
SetICMMode
SetMiterLimit
InvertRgn
user32
DdeInitializeA
CharLowerBuffA
CharLowerW
GetMenuItemCount
GetQueueStatus
GetClassInfoExW
GetDialogBaseUnits
DragDetect
GetWindowRect
FrameRect
DdeConnectList
CreateWindowStationA
LoadMenuA
CreateDesktopW
RegisterClassA
SetScrollRange
GetTopWindow
DrawTextExW
CharUpperW
OemToCharA
SetSysColors
DdeCreateStringHandleW
CreateIconIndirect
InSendMessage
IsChild
SetMenuItemInfoA
BeginPaint
GetClipboardFormatNameW
ImpersonateDdeClientWindow
DeleteMenu
DdeConnect
LoadCursorA
GetSystemMetrics
GetClipboardFormatNameA
RegisterClassExA
ShowWindow
MsgWaitForMultipleObjectsEx
GetMenuState
DefWindowProcA
AttachThreadInput
kernel32
DebugBreak
InterlockedIncrement
WriteConsoleInputW
RaiseException
GetCurrentProcessId
ExpandEnvironmentStringsW
GetNamedPipeHandleStateW
SetConsoleTitleW
WriteProfileSectionA
ExitProcess
SetStdHandle
FreeEnvironmentStringsW
GetModuleHandleA
lstrcatA
VirtualFreeEx
GetVersionExA
GetCurrencyFormatW
LocalUnlock
UnmapViewOfFile
WriteProfileStringW
GetCPInfo
HeapFree
IsBadWritePtr
GetEnvironmentStrings
InterlockedExchange
SetFilePointer
VirtualQuery
EnumSystemLocalesA
CompareStringW
CreateMutexA
WideCharToMultiByte
GetPrivateProfileStructA
HeapReAlloc
CreateProcessW
GetLocaleInfoA
SetLastError
FreeEnvironmentStringsA
UnlockFileEx
QueryPerformanceCounter
OpenSemaphoreW
ResetEvent
GetTickCount
CloseHandle
IsValidCodePage
GetCurrentThread
FlushFileBuffers
VirtualQueryEx
VirtualFree
ReadConsoleA
VirtualAlloc
GetCurrencyFormatA
GetSystemTimeAsFileTime
GetModuleFileNameW
TlsSetValue
LCMapStringW
CreateDirectoryA
SetLocaleInfoW
GetCurrentThreadId
GetEnvironmentStringsW
GetLastError
GetNumberFormatW
TlsAlloc
EnumTimeFormatsW
TlsFree
SetHandleCount
GetDateFormatA
GetStartupInfoA
lstrcmpA
InitializeCriticalSectionAndSpinCount
CompareStringA
DeleteCriticalSection
IsBadReadPtr
UnhandledExceptionFilter
GetSystemInfo
FindNextFileW
GetDiskFreeSpaceExA
GlobalFindAtomA
EnterCriticalSection
WriteFile
MoveFileW
IsValidLocale
WaitForMultipleObjects
GetOEMCP
GetProfileSectionW
HeapCreate
GetLocaleInfoW
LockResource
TlsGetValue
GetStartupInfoW
GetFileType
HeapAlloc
OpenMutexA
GetUserDefaultLCID
DeleteFileW
TerminateProcess
InterlockedDecrement
GetProcAddress
CreateProcessA
GetCommandLineA
RtlUnwind
ReadFile
GetAtomNameA
GetCommandLineW
SetEnvironmentVariableA
OutputDebugStringA
GetModuleFileNameA
HeapSize
GetConsoleCP
MultiByteToWideChar
LeaveCriticalSection
VirtualProtectEx
LCMapStringA
EnumDateFormatsExW
HeapValidate
GetACP
LoadLibraryA
RtlFillMemory
GlobalLock
CopyFileExA
GetTimeFormatA
GetStringTypeA
GetTempPathW
HeapDestroy
lstrcmpi
EnumResourceLanguagesW
GetCurrentProcess
GetStringTypeW
InitializeCriticalSection
GetTimeZoneInformation
SetConsoleCtrlHandler
GetProfileStringW
VirtualProtect
GetWindowsDirectoryA
GetStdHandle
GetFullPathNameA
comctl32
GetEffectiveClientRect
InitCommonControlsEx
wininet
InternetSetOptionExA
Sections
.text Size: 204KB - Virtual size: 202KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 251KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ