08b20b900bdc43beadce82ee6f57c174_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08b20b900bdc43beadce82ee6f57c174_JaffaCakes118
Size

192KB
MD5

08b20b900bdc43beadce82ee6f57c174
SHA1

8d0ac2f9cdbc4728063801f3dcf00615d5d948e7
SHA256

437464329e6627a988c5991b0b9946037b5111c078d9855755aa1dc189a80a91
SHA512

3d55b0cc95abe948e77c9b483a756597f6dbdf64f89a689185bf78bb3380fb7421514753ac2a3db7cffa6c2767262dac20cfac21c512ecb13dcb21446145ffa0
SSDEEP

3072:tNv2REAobyllJVb8JeKkGW3Tld8otmtfV16c0nnzI3JOT0oZ2/2eUS:tNv2RErGlDVb8sKRW3RntMfVcmJOAme9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b20b900bdc43beadce82ee6f57c174_JaffaCakes118

Files

08b20b900bdc43beadce82ee6f57c174_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25d514656cad85768ca671af099d3e0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameA

user32

RegisterClassExA
CharPrevW
SetPropW
PtInRect
RegisterClassA

gdi32

GetClipRgn
FillRgn
EnumMetaFile
CreateRectRgn
GetLayout
SetDIBColorTable
StretchDIBits
GetCharABCWidthsFloatA
GetObjectA
PtVisible
GetWindowExtEx
SetMetaRgn
DeleteEnhMetaFile
ExtCreatePen
CreateBitmapIndirect
CreateDIBPatternBrushPt
EqualRgn
CombineTransform
GetColorSpace

kernel32

GetConsoleCP
CompareStringW
IsDebuggerPresent
DeleteCriticalSection
OpenMutexA
VirtualQuery
GetFileType
HeapCreate
TlsAlloc
GetUserDefaultLCID
ExitProcess
GetConsoleMode
SetEnvironmentVariableA
GetCPInfo
MultiByteToWideChar
GetLocaleInfoW
GetACP
InterlockedIncrement
IsValidLocale
GetCurrentProcessId
GetTimeFormatA
UnhandledExceptionFilter
QueryPerformanceCounter
HeapReAlloc
GetCurrentProcess
EnterCriticalSection
TerminateProcess
InitializeCriticalSection
GetCurrentThread
VirtualFree
CompareStringA
SetUnhandledExceptionFilter
GetCommandLineA
SetStdHandle
LCMapStringW
HeapDestroy
InterlockedExchange
Sleep
GetOEMCP
GetLastError
GetTickCount
TlsSetValue
FreeLibrary
ReadFile
TlsFree
GetStdHandle
InterlockedDecrement
SetConsoleCtrlHandler
FreeEnvironmentStringsA
TlsGetValue
GetEnvironmentStringsW
GetConsoleOutputCP
LCMapStringA
GetVersionExA
GetDateFormatA
LeaveCriticalSection
GetModuleHandleA
FlushFileBuffers
HeapAlloc
ExpandEnvironmentStringsA
CloseHandle
WriteConsoleW
GetStringTypeA
CreateMutexA
GetProcAddress
HeapSize
GetTimeZoneInformation
GetProcessHeap
GetStartupInfoA
VirtualAlloc
GetLocaleInfoA
CreateFileA
HeapFree
EnumSystemLocalesA
GetEnvironmentStrings
WriteFile
GetModuleFileNameA
WideCharToMultiByte
GetStringTypeW
GetCurrentThreadId
LoadLibraryA
GetSystemTimeAsFileTime
RtlUnwind
SetHandleCount
IsValidCodePage
FreeEnvironmentStringsW
WriteConsoleA
SetLastError
SetFilePointer

comctl32

InitCommonControlsEx

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25d514656cad85768ca671af099d3e0c

Headers

File Characteristics

Imports

comdlg32

user32

gdi32

kernel32

comctl32

Sections

.text Size: 145KB - Virtual size: 144KB

.rdata Size: 9KB - Virtual size: 24KB

.data Size: 357KB - Virtual size: 356KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 9KB - Virtual size: 24KB

.data
Size: 357KB - Virtual size: 356KB

.rsrc
Size: 5KB - Virtual size: 5KB