00f1a2c951baaeb34418c67607b70f50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00f1a2c951baaeb34418c67607b70f50_JaffaCakes118
Size

328KB
MD5

00f1a2c951baaeb34418c67607b70f50
SHA1

e428fde9d93ab67359eff3e5589066de8ee2b9bf
SHA256

8c3be77a0c52d67f49a74adbd19d0b707a358516e1de033aafef567d7e2f8ea3
SHA512

c6f9d428b15deaa86c0d9e22f73638d1fb0769ea0a9921e5fd54ea32bc0466c8edbdf2f74875ccb33d67ed7100044cdcaad699f854ae5004f87f555329f0c085
SSDEEP

6144:VdVr9COe3+JjRtguSqsWTrR5UKbSdeBZvU4dTPCZBvC:Vnr9COeOJFtgtqsWTrBu0nNC+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00f1a2c951baaeb34418c67607b70f50_JaffaCakes118

Files

00f1a2c951baaeb34418c67607b70f50_JaffaCakes118
.exe windows:5 windows x86 arch:x86

230c29076e6f297e8109b1bf869b9f12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
LoadLibraryW
GetProcAddress
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
MultiByteToWideChar
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
RtlUnwind
LCMapStringW
HeapReAlloc
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleW
SetFilePointer
SetStdHandle
CloseHandle
LoadLibraryA
SetHandleCount
GetUserDefaultLCID
Sleep
GetLastError
ExitThread
GlobalAlloc
GetCurrentProcess
GetEnvironmentStringsW
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateFileW
GetCPInfo
HeapFree
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
HeapCreate
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection

user32

EndMenu
EndPaint
IsIconic
GetParent
LoadMenuA
SetWindowTextA
GetWindowTextLengthA
SendMessageA
GetDC
GetForegroundWindow
GetWindowTextA
GetDlgItem
EndDialog
LoadAcceleratorsA

gdi32

GdiFlush
GetTextMetricsA

winspool.drv

EndPagePrinter

advapi32

RegCloseKey

gdiplus

GdiplusStartup

opengl32

glBegin
glNormal3f
glEnd
glClear
glVertex3f

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

230c29076e6f297e8109b1bf869b9f12

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

gdiplus

opengl32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 197KB - Virtual size: 243KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 197KB - Virtual size: 243KB

.rsrc
Size: 18KB - Virtual size: 17KB