dd692fc5b7bc84b1b915db7e4276f8a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dd692fc5b7bc84b1b915db7e4276f8a1_JaffaCakes118
Size

546KB
MD5

dd692fc5b7bc84b1b915db7e4276f8a1
SHA1

bbaca3e1d518101e3fa690d1a4d5bdfbde540a81
SHA256

fc7544f555d98bcd56d9fb63475df63e1ac3295a6b881185b23deb95ba9f5ee6
SHA512

363e3e6d1d1a80471cbdfbefa21b765b798ead1c53a0236ac7e4e0573737d084152badb7d1846ea775010958e141b0e10070978c81203304ca209621bb242498
SSDEEP

12288:FzE8KKQ9eAJnWATEeOnuksnV/xueN5hZxSR86zz:FI8NQ9eAJnlEFnZsV5uePhXSS6z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd692fc5b7bc84b1b915db7e4276f8a1_JaffaCakes118

Files

dd692fc5b7bc84b1b915db7e4276f8a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc1f0953aa5d7ea1138475fa1cfa2e08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetDIBColorTable
SetFontEnumeration
GetBkMode
CreateDiscardableBitmap
GetMiterLimit
GetTextExtentPointW
EnumFontFamiliesA
PatBlt
OffsetClipRgn
CreatePenIndirect
GetEnhMetaFileHeader
GetKerningPairsW

kernel32

FlushFileBuffers
LeaveCriticalSection
IsBadReadPtr
GetStringTypeW
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
DebugBreak
CloseHandle
DeleteCriticalSection
GetModuleFileNameA
QueryPerformanceCounter
GetLocalTime
GetCurrentThreadId
FreeEnvironmentStringsW
TlsSetValue
CreateMutexA
LCMapStringW
EnterCriticalSection
GetStartupInfoA
OpenMutexA
GetCurrentProcess
HeapCreate
SetLastError
GetVersion
GetCommandLineA
WriteFile
SetFilePointer
GetLastError
GetStdHandle
UnhandledExceptionFilter
VirtualQuery
FreeEnvironmentStringsA
SetStdHandle
CompareStringW
GetSystemTime
HeapValidate
CreateRemoteThread
GetEnvironmentStrings
GetCurrentThread
GetACP
GetWindowsDirectoryA
OutputDebugStringA
UnmapViewOfFile
ReadFile
TerminateProcess
GetCurrentProcessId
GetModuleHandleA
GetStringTypeA
GetProcAddress
WideCharToMultiByte
SetEnvironmentVariableA
ExitProcess
LCMapStringA
GetSystemTimeAsFileTime
InterlockedDecrement
VirtualFree
InterlockedExchange
TlsGetValue
IsBadWritePtr
GetCPInfo
HeapAlloc
RtlUnwind
CompareStringA
GetOEMCP
MultiByteToWideChar
HeapFree
SetHandleCount
GetTickCount
InterlockedIncrement
GetPrivateProfileSectionNamesA
GetFileType
LocalCompact
TlsAlloc
FillConsoleOutputAttribute
GetTimeZoneInformation
LoadLibraryA
HeapDestroy
SetConsoleCtrlHandler
TlsFree
VirtualAlloc
GetEnvironmentStringsW

wininet

FtpFindFirstFileA
UnlockUrlCacheEntryStream
RegisterUrlCacheNotification
InternetGetCookieA
InternetShowSecurityInfoByURL

user32

wsprintfA
SetKeyboardState
RemovePropA
CharToOemBuffA
DestroyWindow
CharUpperA
RegisterClassA
GetClipboardData
GetWindowTextA
RegisterClassExA
GetClipboardSequenceNumber
DdeInitializeA
CreateWindowExW
GetUpdateRect
IsWindowUnicode
GetWindowTextW
DefWindowProcA
DlgDirListComboBoxA
MessageBoxW
ShowWindow
CreateMDIWindowW
CreateCursor
CreateIconFromResourceEx

comctl32

ImageList_SetOverlayImage
ImageList_LoadImageA
InitCommonControlsEx
ImageList_DragShowNolock
DrawStatusTextA

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc1f0953aa5d7ea1138475fa1cfa2e08

Headers

File Characteristics

Imports

gdi32

kernel32

wininet

user32

comctl32

Sections

.text Size: 309KB - Virtual size: 309KB

.rdata Size: 69KB - Virtual size: 85KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 66KB - Virtual size: 66KB

.text
Size: 309KB - Virtual size: 309KB

.rdata
Size: 69KB - Virtual size: 85KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 66KB - Virtual size: 66KB