080fd591be31fb8bda502a193ca7c130_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

080fd591be31fb8bda502a193ca7c130_JaffaCakes118
Size

465KB
MD5

080fd591be31fb8bda502a193ca7c130
SHA1

e0b57af1ce751463581156120220ba5ff89f0fcb
SHA256

0db7cfdbc1fae5d24b91b09e859d18e4949a27db4225cb8beb706b12ae013569
SHA512

def145a1b034f7da44636afa35d369837f1ae81ff0127f338e1160722d8d643c213c7f70971c154155d0b71ac8e1bd6fa4d83f9911816b4942b32f01a1b9683d
SSDEEP

12288:CabAsPKr86anDSes2sGjsL0pHZeZhb77sD:CoAsyMDS2sEob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
080fd591be31fb8bda502a193ca7c130_JaffaCakes118

Files

080fd591be31fb8bda502a193ca7c130_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30a0dae745f76d60c7322a0f516c28ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
GetDeviceCaps
CreateCompatibleDC
SetBkColor

user32

DestroyWindow
EndDialog
TranslateMessage
SetTimer
EndPaint
IsWindowVisible
LoadIconA
IsIconic
ShowWindow
GetDlgItem
SetFocus
GetDC

kernel32

ExitProcess
GetCurrentProcess
ResetEvent
GetProcessHeap
GetCurrentProcessId
GetCurrentDirectoryA
FindFirstFileW
GetFileSize
CompareStringW
GetLocaleInfoA
LCMapStringA
EnterCriticalSection
FindNextFileW
Sleep
LeaveCriticalSection
TerminateProcess
HeapFree
SetEvent
UnmapViewOfFile
SetUnhandledExceptionFilter
DeleteCriticalSection
ReleaseMutex
GetSystemTimeAsFileTime
FindResourceA
SetEndOfFile
GetStringTypeA
TlsSetValue
HeapDestroy
GlobalUnlock
CreateProcessA
InitializeCriticalSection
IsDebuggerPresent
SetErrorMode
FreeLibrary
LoadLibraryA
GetACP
GetProcAddress
GetEnvironmentStringsW
GetStartupInfoA
GetVersionExA
GetStringTypeW
CloseHandle
CreateFileMappingA
FreeEnvironmentStringsA
GetEnvironmentStrings
VirtualProtect
MapViewOfFile
WriteFile
CreateThread
VirtualAlloc
RaiseException
GetPrivateProfileStringA
TlsFree
GetLastError
SetCurrentDirectoryA
GetFileType
HeapCreate
TlsGetValue
SetFilePointer
lstrcmpiW
WideCharToMultiByte
GetModuleFileNameW
GetOEMCP
GetModuleHandleA
LCMapStringW
GetCurrentThreadId
lstrlenA
GetStdHandle
GetModuleHandleW
SetLastError
GetSystemInfo
InterlockedExchange
InterlockedDecrement
VirtualFree
GetFileAttributesA
HeapAlloc
HeapSize
FindFirstFileA

msvcrt

exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_exit
_XcptFilter
_strcmpi
_acmdln

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30a0dae745f76d60c7322a0f516c28ec

Headers

File Characteristics

Imports

gdi32

user32

kernel32

msvcrt

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 394KB - Virtual size: 393KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 394KB - Virtual size: 393KB

.rsrc
Size: 2KB - Virtual size: 2KB