03ebd635a4d8e2f42705e039646265ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03ebd635a4d8e2f42705e039646265ad_JaffaCakes118
Size

425KB
MD5

03ebd635a4d8e2f42705e039646265ad
SHA1

45a5f24f3bb136c832c81b572af3b19aaa217ddb
SHA256

02c273c3412f45c9ec90bfac3d0c252e3457c1b4b1f8be6fed545cf640fd6143
SHA512

6200827e4e0b5ce3b463da83527e5c4a81bce059773f539fe88b1f00eb4561ca10cd35b6512f56b8c85bb740e4f34bf1ffc76e46c1527818ab462ebe61f88f6b
SSDEEP

12288:2o5Qukq67mSvsiM7jKpDjBLFTV0tS4obq:hi+6Fv5M7OZRFuVob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03ebd635a4d8e2f42705e039646265ad_JaffaCakes118

Files

03ebd635a4d8e2f42705e039646265ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35c780dc5ddb527747ce675aef912c66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateRoundRectRgn
GdiSetBatchLimit
PolyPolygon
CopyEnhMetaFileW
GetTextMetricsA
TextOutA
DeleteObject
SetICMProfileW
SetBkColor
GetGlyphOutlineW
CreateRectRgnIndirect
GetCharWidthA
GetViewportOrgEx
CreateDIBitmap
ResetDCW
SelectClipPath
SetICMMode

user32

IntersectRect
CreateDialogParamA
FrameRect
DrawFrameControl
RegisterClassExW
GetScrollPos
SetWindowTextW

comdlg32

ChooseColorA
PageSetupDlgA
PrintDlgW
GetOpenFileNameA

shell32

SHLoadInProc
SHAddToRecentDocs
SHGetPathFromIDListA
RealShellExecuteExA
DragQueryPoint
RealShellExecuteW
ExtractAssociatedIconExW
SHGetPathFromIDListW
SHGetSpecialFolderPathA
SHEmptyRecycleBinA
SHGetFileInfo
SheGetDirA
SHUpdateRecycleBinIcon
ExtractIconExW
SHEmptyRecycleBinW
SHGetMalloc
SHAppBarMessage
ExtractIconW

kernel32

GetCurrentThread
RemoveDirectoryA
GetLastError
VirtualAlloc
VirtualFree
GetCommandLineA
RtlUnwind
GetEnvironmentStrings
InterlockedExchange
TlsSetValue
GetFileType
UnhandledExceptionFilter
SetConsoleTextAttribute
GetModuleHandleA
GetVersion
VirtualQuery
EnumCalendarInfoA
ExitProcess
GetProcAddress
HeapCreate
HeapDestroy
GetStartupInfoW
GetStartupInfoA
HeapReAlloc
WriteFile
GetCurrentProcess
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameW
HeapFree
GetSystemTimeAsFileTime
GetStdHandle
TlsAlloc
HeapAlloc
SetHandleCount
LeaveCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
MultiByteToWideChar
OpenEventA
GetCommandLineW
SetLastError
DeleteCriticalSection
IsBadWritePtr
GetModuleFileNameA
TlsFree
TerminateProcess
TlsGetValue
GetLocaleInfoW
GetCurrentProcessId
DuplicateHandle
LoadLibraryA
GetProfileSectionW
EnumDateFormatsExW
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35c780dc5ddb527747ce675aef912c66

Headers

File Characteristics

Imports

gdi32

user32

comdlg32

shell32

kernel32

Sections

.text Size: 117KB - Virtual size: 116KB

.data Size: 301KB - Virtual size: 301KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 117KB - Virtual size: 116KB

.data
Size: 301KB - Virtual size: 301KB

.rsrc
Size: 6KB - Virtual size: 5KB