df99c1ba4d265f38af6ec382152f49a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df99c1ba4d265f38af6ec382152f49a4_JaffaCakes118
Size

1.9MB
MD5

df99c1ba4d265f38af6ec382152f49a4
SHA1

1534a30a47cc2b96cf017a383d52642adf61eb24
SHA256

34f28b87aee65bee464f1d2572960798b4d258b428084932315c92a3c50ed2ce
SHA512

06a5eb114501f82b272fbfad1d328b86ecb4cafd57c00f8a770ccbafa003ac76a6d82cb5a569b40b6b34860f055e0caa73e576178f52e07bec089c7292e432a4
SSDEEP

49152:/cw360zih/LzX5/A+Y6r3Jn+mO7ViN8RbdHS6Tc0v:j3jkptY6rZeV1Rxy6c0v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df99c1ba4d265f38af6ec382152f49a4_JaffaCakes118

Files

df99c1ba4d265f38af6ec382152f49a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1725f1144f3a033d788854cb1d8784a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiSetLastError
SetROP2
EqualRgn
SetArcDirection
DeleteColorSpace
EnableEUDC
CloseFigure
EngStrokePath
GdiPlayScript
SetRelAbs
GdiSetPixelFormat
SetROP2
SetBkColor
GdiSetLastError
GetClipBox
SetArcDirection
CreateDIBSection
GdiSetPixelFormat
DeleteMetaFile
GetTextMetricsW

kernel32

GetVersion
GetCurrentThread
GetCurrentThreadId
VirtualFree
EnterCriticalSection
GetTickCount
ExitProcess
GetModuleFileNameW
GetProcessHeap
HeapAlloc
GetModuleHandleA
CreateThread
GetCurrentProcess
VirtualAlloc
GetCommandLineA
InitializeCriticalSection
InterlockedIncrement
GetCommandLineW
GetModuleHandleW
GetModuleHandleA
CreateTapePartition
GetDriveTypeW
UnhandledExceptionFilter
GetVersion
GetCurrentProcess
ExitProcess
VirtualFree
GlobalReAlloc
GetCommandLineA
VirtualAlloc
HeapAlloc
BuildCommDCBW
GetProcessHeap
ExitThread
GetEnvironmentStringsA
GetCurrentThread
GetModuleHandleW
GetTickCount
GetCommandLineW

msvcrt

_rmtmp
_wstat
ispunct
_itoa
_adj_fprem
_CItan

advapi32

RegCreateKeyExW
CloseServiceHandle
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegOpenKeyExA
RegDeleteValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumValueW
OpenThreadToken

Sections

.text
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 864KB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 874KB - Virtual size: 874KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1725f1144f3a033d788854cb1d8784a9

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

advapi32

Sections

.text Size: 10KB - Virtual size: 11KB

.data Size: 64KB - Virtual size: 64KB

.rdata Size: 52KB - Virtual size: 53KB

.idata Size: 864KB - Virtual size: 6.0MB

.rdata Size: 874KB - Virtual size: 874KB

.jdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 74KB - Virtual size: 74KB

.text
Size: 10KB - Virtual size: 11KB

.data
Size: 64KB - Virtual size: 64KB

.rdata
Size: 52KB - Virtual size: 53KB

.idata
Size: 864KB - Virtual size: 6.0MB

.rdata
Size: 874KB - Virtual size: 874KB

.jdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 74KB - Virtual size: 74KB