12217db738d7fbff25394827c0c170a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12217db738d7fbff25394827c0c170a0_JaffaCakes118
Size

258KB
MD5

12217db738d7fbff25394827c0c170a0
SHA1

ed83372e00e68fd67054ac24792d664dba3e0110
SHA256

f606febb619ba348b4edcee6aec1371fb982f500d5d478390994749c47de22d5
SHA512

cb4abdaf1efb9e24ee1f6a7659352407bcbed5e0f5e5b1e65557c312b97f1029f6aa29750433cb3d438806ad9a2bcd37c624adb6fd37372e9dd547013bceef52
SSDEEP

6144:bYHdq0nY6nRFRhR/W5ATVpKRugzLUuZbeOE5Vr3:bYHdq0nY6vRhR/WyTVpKLzLU25Efr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12217db738d7fbff25394827c0c170a0_JaffaCakes118

Files

12217db738d7fbff25394827c0c170a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6a119d72213992b8929fceed04291fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
SetFilePointer
LoadLibraryExA
LocalAlloc
WriteFile
WideCharToMultiByte
SetEndOfFile
SetThreadLocale
SetHandleCount
VirtualAllocEx
LocalFree
ResetEvent
LoadLibraryA
GetVersionExA
GetLastError
MoveFileA
GetCommandLineW
lstrcpyA
VirtualQuery
lstrcatA
LocalReAlloc
IsBadHugeReadPtr
GlobalAlloc
HeapDestroy
GetCommandLineA
ExitProcess
MoveFileExA
GetModuleHandleA
GetProcAddress
MulDiv
lstrlenW
SetEvent
lstrcpynA
IsBadReadPtr
lstrcmpA

user32

GetMenuState
InsertMenuItemA
InvalidateRect
IsWindow
GetSystemMenu
GetKeyboardLayoutNameA
GetLastActivePopup
GetClipboardData
GetMenu
GetKeyboardLayoutList
GetDC
InflateRect
GetParent
GetWindowRect
GetScrollPos
GetCursorPos
IsDialogMessageW
GetPropA
GetDCEx
GetSysColor
GetMessagePos
GetTopWindow

gdi32

BitBlt
CreateBitmap
CopyEnhMetaFileA

Sections

CODE
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES72
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES78
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES54
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES91
Size: 1024B - Virtual size: 967B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES28
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES25
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES23
Size: 1024B - Virtual size: 675B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES71
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6a119d72213992b8929fceed04291fe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

CODE Size: 81KB - Virtual size: 81KB

.data Size: 159KB - Virtual size: 159KB

.RES72 Size: 2KB - Virtual size: 1KB

.RES78 Size: 2KB - Virtual size: 2KB

.RES54 Size: 1KB - Virtual size: 1KB

.RES91 Size: 1024B - Virtual size: 967B

.RES28 Size: 2KB - Virtual size: 1KB

.RES25 Size: 2KB - Virtual size: 1KB

.RES23 Size: 1024B - Virtual size: 675B

.RES71 Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

CODE
Size: 81KB - Virtual size: 81KB

.data
Size: 159KB - Virtual size: 159KB

.RES72
Size: 2KB - Virtual size: 1KB

.RES78
Size: 2KB - Virtual size: 2KB

.RES54
Size: 1KB - Virtual size: 1KB

.RES91
Size: 1024B - Virtual size: 967B

.RES28
Size: 2KB - Virtual size: 1KB

.RES25
Size: 2KB - Virtual size: 1KB

.RES23
Size: 1024B - Virtual size: 675B

.RES71
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB