f58f18d299419d217d648e2c544e6666_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f58f18d299419d217d648e2c544e6666_JaffaCakes118
Size

176KB
MD5

f58f18d299419d217d648e2c544e6666
SHA1

1a948a88fe8baeac1a6bda38a536661d4705843c
SHA256

102fed8d851023de9461cc0b2ec24629a25709f026b4a25d61c3da292cc69a74
SHA512

2afc57f58d82ec3b86a614cd97ca6b95f80bfb5eba956e513e7adeac570400dabc2ea4b4fe924f683d434f4856eed5eae3a4ef61a0587e0fe1012c68b87967be
SSDEEP

3072:Dx2LtSedq80UZ4tFmOjeIc676CahKWb2HEQn/KOPVbtCb78:Mld/iFjIhNwEQn/KuVk4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f58f18d299419d217d648e2c544e6666_JaffaCakes118

Files

f58f18d299419d217d648e2c544e6666_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c4b7f056246e654ec5b2af15bfe5573

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

PtVisible
ExtTextOutW
OffsetViewportOrgEx
SetMapMode
DeleteDC
GetClipBox
SetTextColor
DeleteObject
SetViewportOrgEx
RectVisible
SetBkColor
SaveDC
ScaleWindowExtEx
SetWindowExtEx
RestoreDC
GetDeviceCaps
CreateBitmap
TextOutW
SetViewportExtEx
ScaleViewportExtEx
SelectObject
Escape
GetStockObject

user32

GetWindowTextW
GetParent
EnableWindow
GetLastActivePopup
IsWindowEnabled
GetMenuCheckMarkDimensions
GetSysColor
GetDC
GetSystemMetrics
LoadBitmapW
LoadCursorW
MessageBoxW
CheckMenuItem
EnableMenuItem
ReleaseDC
GetWindowLongW
ModifyMenuW
GetSysColorBrush

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

kernel32

UnhandledExceptionFilter
GetStartupInfoA
GetModuleFileNameA
HeapAlloc
SetUnhandledExceptionFilter
GetShortPathNameW
SetFilePointer
IsBadReadPtr
TerminateProcess
SetHandleCount
HeapSize
GetSystemInfo
GetStringTypeA
VirtualAlloc
GetProcessAffinityMask
GetCommandLineA
IsBadCodePtr
GetEnvironmentStringsW
GetStringTypeW
GetTickCount
GetOEMCP
HeapFree
GetFileType
EnumResourceTypesW
IsBadWritePtr
GetCurrentProcess
GetCurrentProcessId
QueryPerformanceCounter
HeapReAlloc
RtlUnwind
GetStdHandle
FreeEnvironmentStringsW
SetStdHandle
VirtualFree
GetSystemTimeAsFileTime
HeapDestroy
GetFileAttributesA
FlushFileBuffers
WriteFile
LCMapStringW
LCMapStringA
GetEnvironmentStrings
GetCPInfo
HeapCreate
VirtualQuery
VirtualProtect
ExitProcess

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shlwapi

PathAppendW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c4b7f056246e654ec5b2af15bfe5573

Headers

File Characteristics

Imports

gdi32

user32

advapi32

kernel32

winspool.drv

ole32

shlwapi

shell32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 69KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 69KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 248KB