d16bed0fd62c845d54fc727586ac2576_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d16bed0fd62c845d54fc727586ac2576_JaffaCakes118
Size

566KB
MD5

d16bed0fd62c845d54fc727586ac2576
SHA1

a25776677e41b786e38270ea09a3709e1b85b501
SHA256

8345f16f8795b74bd56035230e3fde87b9eed8e92b084cc796ea553a2884a23f
SHA512

68400e79f970fe6d9d7da680a685b5962415f88f22fcc7d914e36051e0a9bf803726ff8c92398ac0a883949416623b77e92902a05ea1797d7230e54dd7fe3b8d
SSDEEP

6144:5DLbu0D9BRECJIaG9Nslv8uMDjPRs4Vd8MWHPTtj2zfdgAdkSh5lQX:5/bxD9/ECJIa2sl+V/WHPTtj2rxJbe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d16bed0fd62c845d54fc727586ac2576_JaffaCakes118

Files

d16bed0fd62c845d54fc727586ac2576_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d90950f2f681fac7a2dd4655f744e7ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
OutputDebugStringA
FindResourceA
GetTickCount
WritePrivateProfileStringA
LockResource
_lopen
_lread
_lclose
GetPrivateProfileStringA
GetModuleHandleA
DeleteFileA
SetFileAttributesA
CompareStringA
FlushFileBuffers
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
HeapAlloc
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
CompareStringW
SetEnvironmentVariableA
GetLastError
CloseHandle
GetFileType
CreateFileA
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
MultiByteToWideChar
ReadFile
GetFileAttributesA
GetStartupInfoA
GetCommandLineA
GetVersion
SetEndOfFile
SetFilePointer
SetHandleCount
GetStdHandle
SetStdHandle
WideCharToMultiByte

user32

LoadImageA
DefWindowProcA
CheckMenuItem
GetMenu
DialogBoxParamA
SendMessageA
MessageBoxA
GetSystemMetrics
WinHelpA
DestroyWindow
PostQuitMessage
GetClientRect
OffsetRect
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetDlgItemTextA
EndDialog
SetFocus
GetDlgItem
GetCursorPos
SetWindowTextA
ClientToScreen

gdi32

GetObjectA
DeleteObject
StretchBlt
SelectObject
CreateCompatibleDC
DeleteDC

ddraw

DirectDrawCreate

winmm

PlaySoundA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.spm
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d90950f2f681fac7a2dd4655f744e7ff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ddraw

winmm

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 364KB - Virtual size: 363KB

.spm Size: - Virtual size: 1B

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 364KB - Virtual size: 363KB

.spm
Size: - Virtual size: 1B