d7223454ab0b2e6d58ffbb61463784bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d7223454ab0b2e6d58ffbb61463784bb_JaffaCakes118
Size

467KB
MD5

d7223454ab0b2e6d58ffbb61463784bb
SHA1

290eca6b62baec93902aa270f72c9bdee4dacb73
SHA256

2782ede0c29b94797e13f78d5277f8e9d08e7d43a57540652277e6d60fec6dfc
SHA512

ec0a3724794e14bd8123253a2adaff617609bb57817369a2bffb6e364dece3b3ce5967484bea638500296d257b1345e8716a40bc592867661b084280a59a5d1c
SSDEEP

12288:+rCf6c0Vgy+xk61/T+Ec/hUVqpZyPHCGTmBmq:3Cj6y+xk9pUVqpZgCGTmBmq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7223454ab0b2e6d58ffbb61463784bb_JaffaCakes118

Files

d7223454ab0b2e6d58ffbb61463784bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

030d085269126625d86e2df545c223dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ResizePalette
ScaleViewportExtEx
GetTextAlign
gdiPlaySpoolStream
GetKerningPairsA
PolyPolyline
SetLayout
ArcTo
GetCharABCWidthsA
GetCurrentObject
GetTextCharset
EqualRgn
OffsetWindowOrgEx

shell32

FindExecutableW
ShellHookProc

kernel32

FreeEnvironmentStringsA
SetStdHandle
HeapDestroy
InitializeCriticalSection
HeapCreate
DeleteCriticalSection
VirtualProtect
OutputDebugStringA
CompareStringW
WideCharToMultiByte
CompareStringA
SetConsoleCtrlHandler
GetStringTypeA
SetHandleCount
GetModuleHandleA
GetCommandLineA
InterlockedExchange
SetFilePointer
TlsGetValue
GetACP
GetDateFormatA
ExitProcess
GetCurrentProcess
GetFileType
SetLastError
SetEnvironmentVariableA
HeapAlloc
LCMapStringA
GetCurrentThread
LeaveCriticalSection
TerminateProcess
LoadLibraryA
VirtualFree
GetTimeFormatA
FreeEnvironmentStringsW
GetLastError
GetCurrentThreadId
GetModuleFileNameA
GetLocaleInfoA
RtlUnwind
HeapValidate
GetCPInfo
EnumSystemLocalesA
GetSystemInfo
GetStdHandle
GetUserDefaultLCID
TlsSetValue
GetStringTypeW
IsValidCodePage
VirtualQuery
GetProcAddress
TlsAlloc
QueryPerformanceCounter
GetStartupInfoA
HeapReAlloc
GetOEMCP
GetLocaleInfoW
GetEnvironmentStringsW
IsBadWritePtr
TlsFree
GetTimeZoneInformation
CloseHandle
WriteFile
GetEnvironmentStrings
GetSystemTimeAsFileTime
MultiByteToWideChar
GetVersionExA
UnhandledExceptionFilter
VirtualAlloc
GetExitCodeProcess
IsBadReadPtr
EnterCriticalSection
DebugBreak
HeapFree
SetThreadPriority
InterlockedDecrement
IsValidLocale
GetCurrentProcessId
LCMapStringW
InterlockedIncrement
GetTickCount
FlushFileBuffers

user32

AdjustWindowRectEx
ArrangeIconicWindows
GetDesktopWindow
IsCharAlphaNumericW
SendNotifyMessageW
CreatePopupMenu
DdeQueryStringW
GetDlgItemTextW
GetDoubleClickTime

wininet

GopherOpenFileA
FreeUrlCacheSpaceA
GopherOpenFileW

comdlg32

ReplaceTextW

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

030d085269126625d86e2df545c223dd

Headers

File Characteristics

Imports

gdi32

shell32

kernel32

user32

wininet

comdlg32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 11KB - Virtual size: 19KB

.data Size: 282KB - Virtual size: 281KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 11KB - Virtual size: 19KB

.data
Size: 282KB - Virtual size: 281KB

.rsrc
Size: 9KB - Virtual size: 9KB