03d5122509f36c5a454522d5b2e2d205_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03d5122509f36c5a454522d5b2e2d205_JaffaCakes118
Size

120KB
MD5

03d5122509f36c5a454522d5b2e2d205
SHA1

e05f0abfc482d7fe3f1e9abf2b5eadb12f11b141
SHA256

e13b0ab06cc52b1409cd76ad4462c56713ba8cf09ca37cf1863f1d6ecd9c0ec0
SHA512

9433f1ae320e7bb05969e7713cef3bd607d556f704cd5b5ad3cb5f50def8b9d22ba259b65776c60cb67ff7918da6ac98799de8bef47599eac216e0676950f145
SSDEEP

3072:UKip+90o1+eC5wUXiXgbKHNCD7m7JvzjqIdxOCk:DoRsC5w7rtCu7JvqI/O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03d5122509f36c5a454522d5b2e2d205_JaffaCakes118

Files

03d5122509f36c5a454522d5b2e2d205_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea391ea7101bb4fe9a44d178dd0eb53c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
CreateFontIndirectA
DeleteObject
GetTextExtentPoint32A
GetDeviceCaps
TextOutW
SetTextColor
DeleteDC
CreateDIBitmap
CreatePalette
SelectPalette
SetBkMode

advapi32

RegEnumKeyExA
RegSetValueExW
CryptCreateHash
RegEnumKeyExW
RegSetValueExA
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
CryptImportKey
CryptAcquireContextA
RegEnumValueW
CryptReleaseContext
RegOpenKeyExA
CryptDestroyKey
RegQueryInfoKeyA
RegDeleteKeyA
CryptDestroyHash
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExA
RegCreateKeyExW

kernel32

CloseHandle
LocalFree
GetLastError
lstrcpyA
SetUnhandledExceptionFilter
SizeofResource
UnhandledExceptionFilter
GetCurrentProcessId
CreateProcessA
LockResource
GetProcAddress
VirtualAllocEx
ExitProcess
lstrcmpiA
GetVersion
FindResourceExA
OutputDebugStringW
SetEvent
CompareFileTime
GetTickCount
GetLocaleInfoA
ReadFile
FindFirstFileW
SystemTimeToFileTime
VirtualFree
GlobalLock
DuplicateHandle
CreateProcessW
LoadLibraryA
WriteFile
QueryPerformanceCounter
MultiByteToWideChar
TerminateProcess
GetCurrentThreadId
GetModuleHandleA
GetFileAttributesExW
HeapDestroy
GetEnvironmentVariableA
GetCurrentProcess
EnumDateFormatsW
UnmapViewOfFile
GetStdHandle
MulDiv

user32

GetWindowLongA
GetDC
DestroyWindow
CharNextW
CharNextA
DefWindowProcA
UnregisterClassA
ReleaseDC
LoadImageA
LoadIconA
GetDesktopWindow

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea391ea7101bb4fe9a44d178dd0eb53c

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 75KB - Virtual size: 74KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 2KB - Virtual size: 1KB