d58a17b8f898c86563e90360560dbfd2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d58a17b8f898c86563e90360560dbfd2_JaffaCakes118
Size

284KB
MD5

d58a17b8f898c86563e90360560dbfd2
SHA1

1a0e5bf2be089b17bb81afd30618a15b92fbf523
SHA256

590f9ab18f51c909eae5a2c2c486b0a9a5606768959dc728e69fe344858dd637
SHA512

7600d9ca33bc7f49aef80e85afac10abe9bc09392e008708c858a7c715872c6b14c7bfe53fa3197d2d0d76e417ae9c472b94376cb7ec03570ca2de71488c611a
SSDEEP

6144:A6JvYgWogY1sriV3c+XPWJu0GHjCpFp7ghhWh+h7aZh:A6JvJWo3sbt/4fhB5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d58a17b8f898c86563e90360560dbfd2_JaffaCakes118

Files

d58a17b8f898c86563e90360560dbfd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0bf33dc96fe80206f4417d55c99fc2e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleHandleA
GetPriorityClass
GetTickCount
ExitProcess
GlobalMemoryStatus
GetCurrentThread
GetThreadPriority
SetThreadPriority
QueryPerformanceFrequency
SetPriorityClass
GetOEMCP
LCMapStringA
LCMapStringW
TerminateProcess
HeapSize
GetCurrentProcess
LoadLibraryA
GetStringTypeW
CloseHandle
CreateFileA
GetLastError
GetFullPathNameA
ReadFile
WriteFile
SetEndOfFile
FlushFileBuffers
SetFilePointer
GetFileSize
GlobalAddAtomA
GlobalDeleteAtom
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
HeapReAlloc
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetProcAddress
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
GetACP
QueryPerformanceCounter
SetHandleCount
GetStdHandle
GetFileType
HeapCreate
VirtualFree
VirtualAlloc
IsBadReadPtr
IsBadWritePtr

user32

GetAsyncKeyState
GetSystemMetrics
SetCursor
WaitMessage
PeekMessageA
DispatchMessageA
TranslateMessage
SendMessageA
wsprintfA
DefWindowProcA
LoadCursorA
IsWindow
MsgWaitForMultipleObjects
TranslateMDISysAccel
TranslateAcceleratorA
DestroyWindow
CreateWindowExA
ShowWindow
GetWindowRect
UpdateWindow
SetFocus
LoadIconA
RegisterClassExA
UnregisterClassA
MessageBoxA
GetActiveWindow
RemovePropA
PostQuitMessage
GetPropA
SetPropA
CopyRect

gdi32

GetStockObject

winmm

timeGetTime
mmioDescend
mciSendCommandA
mmioClose
mmioOpenA
mmioAscend
mmioAdvance
mmioRead
mmioSeek
mmioGetInfo
mmioSetInfo

ddraw

DirectDrawCreate

dsound

ord1

dinput

DirectInputCreateA

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0bf33dc96fe80206f4417d55c99fc2e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

ddraw

dsound

dinput

Sections

.text Size: 190KB - Virtual size: 190KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 65KB - Virtual size: 85KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 65KB - Virtual size: 85KB