bf4a9dfba21002a8939b394a53ed532f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bf4a9dfba21002a8939b394a53ed532f_JaffaCakes118
Size

497KB
MD5

bf4a9dfba21002a8939b394a53ed532f
SHA1

9beb7c9bc8f0f5d1fe7d0917d4af3b3a696985d3
SHA256

e25b0dd02e0c19b3ab8f9ecb98b2ae8594b30b8d0947eef1ecbfdf9045a2987d
SHA512

69ef25e7c632acb4e06841e5162371cabfc4ca3cead820414f6b19dc3abbc0d4c9c1a2a2b8c782e59316ff4e0c63f40e9316d9baa3e1792de1ca6986b84bc59b
SSDEEP

12288:9dNFVHUkK3gPgFFiD917Aa+Dj5p7iJcBe6N:DNDL5gDU6JDj5p7iiN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf4a9dfba21002a8939b394a53ed532f_JaffaCakes118

Files

bf4a9dfba21002a8939b394a53ed532f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b36c7cc2e89ebf5ab1e49d6d1eed2c8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\avbxgsmee\evfrgedcxb\dsgczeesnp\hsv.pdb

Imports

gdi32

CreateDCA
AbortPath
GetTextExtentExPointA
CreateMetaFileW
StrokePath
AngleArc
UpdateICMRegKeyW
ExtTextOutW
Rectangle
EndPath
EnableEUDC
GetLogColorSpaceA
EndPage
GetCharWidth32A
RectInRegion
GetTextExtentPointW
SetRectRgn
CloseFigure
CreatePenIndirect
GetCharacterPlacementW

kernel32

GetModuleFileNameW
GetModuleHandleA
VirtualFree
GetCommandLineW
GetProcAddress
CreateMutexA
HeapDestroy
TlsAlloc
Sleep
GetCurrentProcessId
SetUnhandledExceptionFilter
WideCharToMultiByte
TryEnterCriticalSection
EnterCriticalSection
GetCPInfo
FlushConsoleInputBuffer
InterlockedDecrement
GetFileType
ReadFile
InterlockedExchange
GetCommandLineA
GetEnvironmentStrings
LocalSize
GlobalReAlloc
SetWaitableTimer
GetCurrentThreadId
SetHandleCount
GetStringTypeA
InterlockedIncrement
GetUserDefaultLCID
GetTickCount
TlsGetValue
UnhandledExceptionFilter
SetFilePointer
VirtualQuery
InitializeCriticalSection
IsValidLocale
GetConsoleMode
GetLocaleInfoW
GetTimeZoneInformation
FreeEnvironmentStringsW
HeapReAlloc
OpenMutexA
LeaveCriticalSection
CloseHandle
RtlUnwind
GetSystemTimeAsFileTime
SetStdHandle
GetOEMCP
GetEnvironmentStringsW
GetStdHandle
LoadLibraryA
GetACP
WriteConsoleW
QueryPerformanceCounter
HeapCreate
GetLocaleInfoA
EnumCalendarInfoA
GetLastError
GetStartupInfoA
SetEnvironmentVariableA
LCMapStringA
TlsFree
LockFileEx
GetCurrentThread
FreeLibrary
CreateFileA
GetConsoleCP
DeleteCriticalSection
WriteFile
MultiByteToWideChar
ExitProcess
CompareStringA
WriteConsoleOutputAttribute
IsDebuggerPresent
LCMapStringW
GetVersionExA
HeapSize
CommConfigDialogA
GetProcessHeap
GetDateFormatA
GetModuleFileNameA
GetCurrentProcess
FlushFileBuffers
GetConsoleOutputCP
HeapFree
FreeEnvironmentStringsA
EnumSystemLocalesA
GetStartupInfoW
VirtualAlloc
CreateDirectoryExW
TlsSetValue
TerminateProcess
WriteConsoleA
SetConsoleCtrlHandler
HeapAlloc
GetTimeFormatA
IsValidCodePage
GetStringTypeW
SetLastError
CompareStringW

comdlg32

FindTextW
ChooseColorA

user32

RegisterClassExA
IsZoomed
DdeConnect
RegisterClassA
CreateDesktopA

comctl32

InitCommonControlsEx

shell32

ExtractIconExA
SHGetSpecialFolderPathW

Sections

.text
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b36c7cc2e89ebf5ab1e49d6d1eed2c8e

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

comdlg32

user32

comctl32

shell32

Sections

.text Size: 314KB - Virtual size: 313KB

.rdata Size: 67KB - Virtual size: 85KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 314KB - Virtual size: 313KB

.rdata
Size: 67KB - Virtual size: 85KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 9KB - Virtual size: 9KB