c203d065f9f085c5bde4a948e206cfa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c203d065f9f085c5bde4a948e206cfa2_JaffaCakes118
Size

579KB
MD5

c203d065f9f085c5bde4a948e206cfa2
SHA1

572d84e96740388771cbe0579273ca7d7772c54b
SHA256

fc9cb211e250abf975e3be9dd33dc34d961472325ad1fa14a011401d61258161
SHA512

b1605957d5da79fe868e503d74873b40ea81772fe1fad2f702ea3b099c43559b4b710ed827c20855b829a24798f3075353e086937fada0932b67f860b0e145ce
SSDEEP

12288:IQ8ntOp+CzG/hatAqBVyq2wExit6hXGdL7XS7aI8g2ebnW:IQ8ntU+C6mVoZlhq3I8g2oW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c203d065f9f085c5bde4a948e206cfa2_JaffaCakes118

Files

c203d065f9f085c5bde4a948e206cfa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5dae8cba5194c640b5ebfd32cc3eb9f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleBitmap
GetRgnBox
EnumMetaFile
OffsetRgn
PolyPolygon
SetWinMetaFileBits
GetKerningPairsW
SetWorldTransform
CreateDIBPatternBrushPt
GdiPlayScript
GetLogColorSpaceA
SetTextAlign
EnumICMProfilesW

comctl32

InitCommonControlsEx

user32

CharUpperBuffW
GetActiveWindow
RegisterClassExA
CallWindowProcA
RegisterClassA
GetQueueStatus
DdeConnectList
GetUserObjectInformationA
GetSystemMenu
SetMenuItemInfoA
CreatePopupMenu

comdlg32

ChooseColorW
GetSaveFileNameA
ChooseColorA

kernel32

GetCurrentProcessId
QueryPerformanceCounter
FlushFileBuffers
GetCPInfo
InitializeCriticalSection
TlsAlloc
TlsGetValue
WriteFile
SetEnvironmentVariableA
GetCommandLineW
GetCurrentThreadId
SetLastError
IsBadWritePtr
ExitProcess
GetSystemInfo
GetFileType
RtlUnwind
GetOEMCP
GetCommandLineA
HeapSize
LCMapStringW
GetEnvironmentStringsW
HeapFree
VirtualAlloc
HeapReAlloc
LeaveCriticalSection
GetTimeFormatA
GetModuleHandleA
HeapCreate
CompareStringW
SetStdHandle
GetStringTypeA
GetVersionExA
ReadFile
TerminateProcess
GetModuleFileNameW
DeleteCriticalSection
IsValidCodePage
VirtualFree
WideCharToMultiByte
GetTickCount
CloseHandle
GetCurrentProcess
SetHandleCount
EnumSystemLocalesA
MultiByteToWideChar
CreateMutexA
GetCurrentThread
GetStringTypeW
OpenMutexA
TlsFree
GetLocaleInfoW
SetFilePointer
HeapDestroy
LoadLibraryA
GetLastError
GetStdHandle
FreeEnvironmentStringsW
VirtualQuery
GetLocaleInfoA
TlsSetValue
UnhandledExceptionFilter
GetModuleFileNameA
InterlockedExchange
VirtualProtect
GetStartupInfoA
CreatePipe
CreateEventA
GetTimeZoneInformation
HeapAlloc
LCMapStringA
GetUserDefaultLCID
FreeEnvironmentStringsA
GetDateFormatA
GetStartupInfoW
GetACP
CompareStringA
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetProcAddress
EnterCriticalSection
IsValidLocale

advapi32

AbortSystemShutdownA
CryptGetProvParam
LookupSecurityDescriptorPartsW
RegCreateKeyA
RegConnectRegistryA
LookupPrivilegeNameA
RegCreateKeyExA
RegCreateKeyW

Sections

.text
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dae8cba5194c640b5ebfd32cc3eb9f0

Headers

File Characteristics

Imports

gdi32

comctl32

user32

comdlg32

kernel32

advapi32

Sections

.text Size: 247KB - Virtual size: 246KB

.rdata Size: 8KB - Virtual size: 24KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 247KB - Virtual size: 246KB

.rdata
Size: 8KB - Virtual size: 24KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 6KB - Virtual size: 5KB