c7f733452e20205708f31d7319d4c44e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7f733452e20205708f31d7319d4c44e_JaffaCakes118
Size

442KB
MD5

c7f733452e20205708f31d7319d4c44e
SHA1

b2faa5def874f7b582ab55b021e8f04f6c85dcda
SHA256

7382f88718c2e6fa0407b8785434e7aced95b92f042f2016c8f5e8caada18f3b
SHA512

a330b4cff9952963cff5bb8ad70b04522b0f4cb850d2f96b4b0211cbb4ab2fa90d237c508bf3f51a64c05081ec505843aedc63993a1dac3e410c027b38a4bf28
SSDEEP

6144:hVSJr/yJ2WScwBlJOx1IZnGojLznhAu+cSYWk3dnWObA3VgsOdDrpqkSkpjAxGCU:s2aB62/hAu+cSYW6A3VxOdnwkSkM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7f733452e20205708f31d7319d4c44e_JaffaCakes118

Files

c7f733452e20205708f31d7319d4c44e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94ffa607a868bea6ace44cced5c978a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomW
FreeLibraryAndExitThread
FindAtomA
SetHandleCount
HeapCreate
InitializeCriticalSection
GetACP
GetTickCount
GetEnvironmentStrings
CompareStringA
TerminateProcess
DeleteCriticalSection
InterlockedDecrement
HeapFree
GetCurrentThread
GetCurrentProcess
EnumSystemLocalesA
GetCommandLineA
GetProfileSectionW
HeapReAlloc
TlsAlloc
GetVersionExA
GetProcessHeap
GetCurrentProcessId
GetCommandLineW
GetThreadTimes
VirtualQuery
ReadFileEx
LCMapStringW
UnhandledExceptionFilter
IsValidCodePage
GetModuleFileNameA
HeapSize
ExitProcess
InterlockedExchange
WaitForMultipleObjects
FreeEnvironmentStringsA
LoadLibraryA
MultiByteToWideChar
GetDateFormatA
GetStringTypeA
TlsFree
LeaveCriticalSection
GetLocaleInfoW
SetUnhandledExceptionFilter
InterlockedIncrement
HeapAlloc
IsDebuggerPresent
GetStartupInfoA
IsValidLocale
GetProcAddress
TlsGetValue
VirtualAlloc
CreateRemoteThread
Sleep
GetCPInfo
GetComputerNameA
RtlUnwind
LCMapStringA
SetLastError
GetModuleHandleA
GetSystemTimeAsFileTime
WriteFile
GetAtomNameW
GetStdHandle
FreeEnvironmentStringsW
GetPrivateProfileIntW
GetTimeFormatA
CreateFileW
QueryPerformanceCounter
GetProfileSectionA
VirtualFree
EnumCalendarInfoExW
OpenEventA
WideCharToMultiByte
CompareStringW
TlsSetValue
FreeLibrary
GetLocaleInfoA
GetOEMCP
HeapDestroy
GetLastError
GetEnvironmentStringsW
SetConsoleCtrlHandler
EnterCriticalSection
SetThreadPriority
GetTimeZoneInformation
SetEnvironmentVariableA
GetStringTypeW
GetCurrentThreadId
GetUserDefaultLCID
GetFileType

comdlg32

GetFileTitleW
ReplaceTextA
LoadAlterBitmap
PageSetupDlgW

gdi32

DPtoLP
SetColorAdjustment
GetRgnBox
GetRasterizerCaps
OffsetWindowOrgEx
UpdateICMRegKeyW
CreateEllipticRgn
SetWinMetaFileBits
TextOutW
GetPath
CloseEnhMetaFile
GetTextMetricsA
GetKerningPairsW
CreateHatchBrush
GetCharacterPlacementW
EnumFontFamiliesExA
SetFontEnumeration
EnumFontFamiliesW
GetCharWidthW
IntersectClipRect
StretchDIBits
SetBkMode
CloseFigure
AnimatePalette

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94ffa607a868bea6ace44cced5c978a7

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 9KB - Virtual size: 28KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 9KB - Virtual size: 28KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 10KB - Virtual size: 9KB