bad7615e037b0f75b3caa67777b69d27_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bad7615e037b0f75b3caa67777b69d27_JaffaCakes118
Size

488KB
MD5

bad7615e037b0f75b3caa67777b69d27
SHA1

603609d234e36ba622305d68071c8a2767641c6f
SHA256

163cf066ba1f631fe24aeba1053491fd1e1d482a4dee786a1e5cad7d6f94fff3
SHA512

7fac13c70a7fd9908076ea83870300947d3735198a7740b8c3a44d324e2c15c0284497d8c9fa9bc4be33059e259b3b6fc197acef08ee91d2ac2ea219922261e1
SSDEEP

6144:uXNER21dalzR2YueCAHwoVNtjHZh3tRnf7pabiD8Gr5vcSr/ST942BHCLq5GZl80:W1UlCarVXz7xD8Gam2pSiG/dcvMZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bad7615e037b0f75b3caa67777b69d27_JaffaCakes118

Files

bad7615e037b0f75b3caa67777b69d27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

721c12f8f1f2d86ff2e9299a339ff2a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumICMProfilesW
SetTextAlign
GdiPlayJournal
GetKerningPairsA
GetCharWidthFloatW
SetColorSpace
GetTextMetricsA
ExtFloodFill
ExtTextOutW
GetGraphicsMode
GetICMProfileA
SelectPalette
GetROP2
CreateDIBPatternBrush
GetRandomRgn
CreatePolygonRgn
GetPaletteEntries
GetGlyphOutlineA
SetBitmapDimensionEx
GetDeviceCaps
WidenPath
SetDIBitsToDevice

kernel32

FlushFileBuffers
FreeEnvironmentStringsA
GetStartupInfoW
LCMapStringA
TerminateProcess
IsValidLocale
GetProcAddress
GetLastError
TlsSetValue
GetCurrentThread
GetCommandLineW
InterlockedExchange
OpenMutexA
GetTimeFormatA
HeapSize
ReadFile
VirtualFree
GetCurrentThreadId
CompareStringA
GetEnvironmentStrings
GetCommandLineA
GetUserDefaultLCID
HeapCreate
InitializeCriticalSection
VirtualAlloc
TlsAlloc
LCMapStringW
HeapDestroy
SetFilePointer
TlsFree
VirtualQuery
WideCharToMultiByte
ExitProcess
VirtualProtect
GetFileAttributesExA
GetModuleHandleA
HeapReAlloc
GetCurrentProcessId
WriteFile
GetStringTypeW
GetVersionExA
GetStringTypeA
TlsGetValue
GetTickCount
GetModuleFileNameA
LoadLibraryA
GetOEMCP
GetTimeZoneInformation
GetStdHandle
GetStartupInfoA
GetCPInfo
FreeEnvironmentStringsW
CloseHandle
IsBadWritePtr
GetACP
SetHandleCount
GetCurrentProcess
DeleteCriticalSection
GetLocaleInfoA
GetFileType
HeapAlloc
SetEnvironmentVariableA
GetSystemInfo
EnumSystemLocalesA
SetLastError
SetFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
GetSystemTimeAsFileTime
SetStdHandle
CreateMutexA
GetDateFormatA
RtlUnwind
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
CompareStringW
UnhandledExceptionFilter
IsValidCodePage
HeapFree
GetLocaleInfoW
MultiByteToWideChar

user32

GetFocus
RegisterClassA
LoadBitmapW
SetMenuInfo
RegisterClassExA
DdeGetLastError

comctl32

InitCommonControlsEx

Sections

.text
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

721c12f8f1f2d86ff2e9299a339ff2a3

Headers

File Characteristics

Imports

gdi32

kernel32

user32

comctl32

Sections

.text Size: 304KB - Virtual size: 303KB

.rdata Size: 56KB - Virtual size: 61KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 304KB - Virtual size: 303KB

.rdata
Size: 56KB - Virtual size: 61KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 23KB - Virtual size: 23KB