db788bd559797f8d5745ba906ab57f91_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db788bd559797f8d5745ba906ab57f91_JaffaCakes118
Size

503KB
MD5

db788bd559797f8d5745ba906ab57f91
SHA1

a1cbe3311f3d5f97d91182a75f3f8c9e85b4638d
SHA256

dce6e5248ba18ca312d15702933f45ca6cf427f1dbf52f8792213ca452712b4a
SHA512

24d258e616b2460c0af10e712b6e1ff22df2e8b740494ee1f3afb799b6323f1b4aaa2c079c4f85df396c8f1acab69f629526b233f0d34f47c7428dce6dd24798
SSDEEP

12288:X/eRCPptSIehObEynaJcIcx6LEHOi3AkmI6uNnqZQub:XkCPyIazmaNgycn316Gnq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db788bd559797f8d5745ba906ab57f91_JaffaCakes118

Files

db788bd559797f8d5745ba906ab57f91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c26eb97c30e17ebda771b94ba2aa7914

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixelFormat
Arc
GetGlyphOutlineW
CloseFigure
PlayMetaFile
SetColorAdjustment
GetWindowExtEx
GetNearestColor
CreateEllipticRgn
GetColorAdjustment
ExtFloodFill
PolyPolyline
SetMetaRgn
GetCurrentObject

user32

TrackPopupMenuEx
BroadcastSystemMessageW
RegisterClassA
FindWindowExA
TabbedTextOutW
DdeQueryNextServer
GetDesktopWindow
CheckMenuItem
SetDeskWallpaper
UnregisterClassW
CharPrevA
EnumWindowStationsA
LoadCursorFromFileW
RegisterClassExA
SwitchToThisWindow
UnpackDDElParam
UnhookWinEvent

comctl32

InitCommonControlsEx

shell32

ShellExecuteA
SHEmptyRecycleBinW
SHFileOperation

kernel32

GetCurrentThreadId
GetModuleFileNameA
GetFileType
GetLocaleInfoA
GetTickCount
FreeEnvironmentStringsW
GetTimeZoneInformation
RtlUnwind
MultiByteToWideChar
FlushFileBuffers
GetStartupInfoA
GetSystemTimeAsFileTime
IsValidLocale
SetEnvironmentVariableA
SetHandleCount
GetLastError
GetCurrentProcess
VirtualProtect
HeapSize
WideCharToMultiByte
HeapCreate
TlsGetValue
GetDateFormatA
GetCurrentProcessId
FreeEnvironmentStringsA
GetUserDefaultLCID
LCMapStringW
GetStdHandle
VirtualFree
GetModuleHandleA
ExitProcess
TerminateProcess
GetCommandLineA
EnumSystemLocalesA
TlsAlloc
GetOEMCP
CloseHandle
SetStdHandle
TryEnterCriticalSection
GetEnvironmentStringsW
LoadLibraryA
GetCurrentThread
GetProcAddress
GetLocaleInfoW
OpenMutexA
VirtualQuery
GetVersionExA
IsBadWritePtr
DeleteCriticalSection
LeaveCriticalSection
TlsSetValue
SetLastError
LCMapStringA
ReadFile
GetStringTypeW
GetStringTypeA
CreateMutexA
HeapFree
HeapDestroy
IsValidCodePage
VirtualAlloc
CompareStringA
GetCPInfo
InitializeCriticalSection
GetACP
WriteFile
LocalReAlloc
UnhandledExceptionFilter
CompareStringW
GetSystemInfo
GetEnvironmentStrings
GetTimeFormatA
EnterCriticalSection
TlsFree
SetFilePointer
QueryPerformanceCounter
HeapAlloc
InterlockedExchange
HeapReAlloc

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c26eb97c30e17ebda771b94ba2aa7914

Headers

File Characteristics

Imports

gdi32

user32

comctl32

shell32

kernel32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 8KB - Virtual size: 35KB

.data Size: 312KB - Virtual size: 311KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 8KB - Virtual size: 35KB

.data
Size: 312KB - Virtual size: 311KB

.rsrc
Size: 8KB - Virtual size: 7KB