bf71be0b254c55927e7cdd65de390dbf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf71be0b254c55927e7cdd65de390dbf_JaffaCakes118
Size

174KB
MD5

bf71be0b254c55927e7cdd65de390dbf
SHA1

5a9aab53a2690665f73f7351c18d0be1bb8f6bd5
SHA256

cbefa23f14bec7bece0f55fa3b73d8793caaeab5c992991414424a32aeda7955
SHA512

dfd3cab6bfb1cdf3029a44fef2b5d3738f3e2c0347721c22625c44cdff84e2b4075b52bd8ff24d881793c5cb94c3221ac9387bf3e54888102685751c7350742e
SSDEEP

3072:8aohwFVxj44Ntoa9QvN9f6x8FxCI7UjYqrvTN2sqINai+FS4/I6zKIIH2+:8a7FTHNyvN9ffLf7UjK5I4/I6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf71be0b254c55927e7cdd65de390dbf_JaffaCakes118

Files

bf71be0b254c55927e7cdd65de390dbf_JaffaCakes118
.exe windows:21730 windows x86 arch:x86

ecf9b563364ace0933a3a7371d169128

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsW
StretchBlt
DeleteObject
SetBkColor
GetTextExtentPoint32W
DeleteDC
PatBlt

advapi32

FreeSid

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetModuleHandleW
GetCommandLineA
LocalFree
LocalFree
GetModuleFileNameA
lstrcmpiW
GetProcessHeap
VirtualFree
SetUnhandledExceptionFilter
lstrlenW
QueryPerformanceCounter
GetACP
GetTickCount
MultiByteToWideChar
GetCommandLineA
GetModuleHandleA
LocalAlloc
GetModuleHandleA
ExitProcess
GetModuleHandleA
GetProcessHeap
GetModuleHandleA
VirtualFree
lstrcmpiW
GetModuleHandleW
FormatMessageW
GetCurrentThreadId
GetCurrentProcessId
VirtualAlloc
GetProcessHeap
GetCommandLineW
GetACP
lstrcmpiW
FreeLibrary
LoadLibraryA
GetCommandLineA
lstrlenW

user32

LoadStringW
SetTimer
UpdateLayeredWindow
GetSystemMetrics
DefWindowProcW
GetWindowRect
GetSystemMetrics
LoadIconW
ReleaseDC
LoadStringW
ShowWindow
ShowWindow
GetDlgItem
GetMessageW
GetMessageW
ReleaseDC
PostMessageW
PostMessageW
LoadStringW
SetTimer
LoadIconW
ShowWindow
DefWindowProcW
GetSystemMetrics
SendMessageW
ShowWindow
PostMessageW
CreateWindowExW
PostMessageW
SendMessageW
CreateWindowExW
SendMessageW
SetTimer

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecf9b563364ace0933a3a7371d169128

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 141KB - Virtual size: 220KB

.rdata Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 141KB - Virtual size: 220KB

.rdata
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB