f506b888a55f4d8dcc8adbdcb7871d18_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f506b888a55f4d8dcc8adbdcb7871d18_JaffaCakes118
Size

560KB
MD5

f506b888a55f4d8dcc8adbdcb7871d18
SHA1

b7dccecb16a7e0c4428c4b6710b7256cade946f5
SHA256

18ce17249d03d2c4dfad65e0ce5b8c890c755867a26f336f84a216637bb7c1c2
SHA512

43702a875d4ab8e09701c85fc2afe0368b8185afd0f27451a6ef43d73486d32172dd2dfed6fb8e5ba1f45df017139bbaba6aa9c551e185615639869bf0ad6e2a
SSDEEP

12288:ieYswspOaZvEyHuwzBNMWsliq3+UamltdeitysQKG:ibsz/vEyHu+BNM3Qq3+UamltHysdG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f506b888a55f4d8dcc8adbdcb7871d18_JaffaCakes118

Files

f506b888a55f4d8dcc8adbdcb7871d18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbf2f6402956ce1f6118436bb2414d84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowsHookA
RegisterClassExA
RegisterClassA
GetAncestor
SetWindowTextW
EnumDisplaySettingsA

comctl32

InitCommonControlsEx

gdi32

Chord
SelectPalette
EnumObjects
AddFontResourceW
SetMapMode
CreateBrushIndirect
ExcludeClipRect
EnumMetaFile
DeviceCapabilitiesExA
GetMetaFileA
OffsetRgn
GetAspectRatioFilterEx
SetDIBColorTable
DeviceCapabilitiesExW
DPtoLP
StretchBlt
CreatePenIndirect
CopyEnhMetaFileA
SetBrushOrgEx
GdiGetBatchLimit

kernel32

GetACP
ReadFile
TlsAlloc
GetCurrentThread
GetSystemInfo
HeapAlloc
GetCurrentProcessId
GetLocaleInfoW
HeapDestroy
GetCurrentThreadId
GetProcAddress
HeapCreate
DeleteCriticalSection
OpenMutexA
InitializeCriticalSection
GetStringTypeA
GetCurrentProcess
VirtualAlloc
GetModuleHandleA
SetFilePointer
RtlUnwind
GetEnvironmentStrings
LeaveCriticalSection
GetLocaleInfoA
TlsSetValue
LCMapStringW
GetFullPathNameW
GetStartupInfoA
IsValidCodePage
GetDateFormatA
HeapSize
HeapFree
TlsGetValue
GetLongPathNameA
LoadLibraryA
VirtualFree
lstrcmpi
ExitProcess
EnterCriticalSection
GetVersionExA
GetModuleFileNameA
WriteFile
VirtualQuery
GetStringTypeW
UnhandledExceptionFilter
HeapReAlloc
GetTickCount
TlsFree
GetTimeZoneInformation
SetStdHandle
QueryPerformanceCounter
GetStdHandle
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStringsW
GetCurrencyFormatW
GetFileType
GetTimeFormatA
InterlockedExchange
IsValidLocale
GetLastError
CloseHandle
LCMapStringA
FreeEnvironmentStringsA
MultiByteToWideChar
WideCharToMultiByte
EnumSystemLocalesA
TerminateProcess
CompareStringA
GetUserDefaultLCID
GetCPInfo
IsBadWritePtr
SetHandleCount
CompareStringW
VirtualProtect
SetLastError
FlushFileBuffers
GetOEMCP
CreateMutexA
GetSystemTimeAsFileTime
SetEnvironmentVariableA

Sections

.text
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbf2f6402956ce1f6118436bb2414d84

Headers

File Characteristics

Imports

user32

comctl32

gdi32

kernel32

Sections

.text Size: 231KB - Virtual size: 230KB

.rdata Size: 8KB - Virtual size: 36KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 231KB - Virtual size: 230KB

.rdata
Size: 8KB - Virtual size: 36KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 7KB - Virtual size: 6KB