050cc981ea519dd81a9c1dd851fa2ff5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

050cc981ea519dd81a9c1dd851fa2ff5_JaffaCakes118
Size

222KB
MD5

050cc981ea519dd81a9c1dd851fa2ff5
SHA1

a719bcf6e163e3777da5f4c550ed183949e164a6
SHA256

1240ecf3415c919ba8b2a0905c73561378e6e47128bf160904889405e8238ad8
SHA512

b2f2fa6037f2d671bb77cf5e333e0c44292fa0b243efe0cc1168f355f562fc94ab48f18de408cb6d223745fbeb90ef8c1f8346e1cde6c147303643dd700d2232
SSDEEP

6144:KpFKgSWcahI+BHsEWRvxLrBvECzgXdsirHFArBVR0H+XYEn4lGa:K/HcKIMuLrxWArzR0ePn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
050cc981ea519dd81a9c1dd851fa2ff5_JaffaCakes118

Files

050cc981ea519dd81a9c1dd851fa2ff5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8aa0c3a5d5323b9b90fed17ef3c15c0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
SetHandleCount
EnterCriticalSection
WideCharToMultiByte
InitializeCriticalSection
EnumResourceNamesW
HeapAlloc
LoadLibraryA
FreeEnvironmentStringsW
GetStringTypeA
GetFullPathNameA
OpenFileMappingW
lstrcmpi
GetEnvironmentStrings
InterlockedExchange
GetTickCount
GetCommandLineA
LCMapStringW
LeaveCriticalSection
WriteConsoleW
GetStdHandle
GetOEMCP
MultiByteToWideChar
GetStartupInfoA
ConnectNamedPipe
TlsFree
HeapCreate
LCMapStringA
GetProcAddress
DeleteCriticalSection
IsBadWritePtr
HeapFree
GetDiskFreeSpaceExA
GetLastError
SetConsoleMode
TlsGetValue
VirtualQuery
GetACP
TlsSetValue
GetSystemTimeAsFileTime
GetCurrentThread
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapDestroy
HeapReAlloc
TlsAlloc
ExitProcess
CreateDirectoryExA
FoldStringA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
GetEnvironmentStringsW
GetModuleHandleA
GetStringTypeW
VirtualFree
WriteFile
GetCurrentThreadId
RtlUnwind
SetLastError
GetFileType
GetVersion
GetCurrentProcessId
GetModuleFileNameA
GetTempPathA

advapi32

CryptContextAddRef
RegSetValueExW
RegQueryValueW
CryptAcquireContextW
RegEnumKeyA
RegRestoreKeyA
LookupAccountNameW
CryptSetProviderW
CryptDuplicateKey
CryptEncrypt
CryptAcquireContextA
CryptSetProvParam
CryptGenKey
CryptImportKey
LookupPrivilegeDisplayNameA
RegLoadKeyA
RegSaveKeyA
CryptSignHashA
RegQueryMultipleValuesA

gdi32

GetViewportOrgEx
SetFontEnumeration
PolyBezierTo
SetBitmapBits
StrokeAndFillPath
EndPage
MaskBlt
SetTextAlign
CreateDiscardableBitmap
DeleteDC
GetWorldTransform
PolyPolyline

comdlg32

ReplaceTextA
PrintDlgA
PageSetupDlgW
GetFileTitleA
FindTextW
GetOpenFileNameA
ReplaceTextW
GetSaveFileNameA
LoadAlterBitmap
FindTextA
PageSetupDlgA
ChooseColorA
ChooseColorW
ChooseFontW
GetSaveFileNameW

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8aa0c3a5d5323b9b90fed17ef3c15c0e

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 103KB - Virtual size: 103KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 103KB - Virtual size: 103KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 13KB - Virtual size: 12KB