127332d23b9f7c9265c7152cd4733df0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

127332d23b9f7c9265c7152cd4733df0_JaffaCakes118
Size

192KB
MD5

127332d23b9f7c9265c7152cd4733df0
SHA1

8daa90ec83e62c33c8ec7ca6da08acd5ffd2f188
SHA256

dc9d1ea3331be7ec3a2bf26aaf40ae48e826612fc8f16cf51ef883e68ca220af
SHA512

6cb64ec957044d9bc0a039934a78e76810fed47c6b565ec4ddf985b9764dce64421ce7ddff3b4596eaaa0b5e658a67031a7c5613109870b0840f9522af3b843c
SSDEEP

3072:6Z6yn7u1v176XaEcduTjdZJ18G0QKKUFplcGbo6PWlKMswIcNZgkui:6Zr7m7oHTJB8d2VKMsjj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
127332d23b9f7c9265c7152cd4733df0_JaffaCakes118

Files

127332d23b9f7c9265c7152cd4733df0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e606d85c41bc6a09f733b69edfa52cad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerFindFileA
GetFileVersionInfoA
VerQueryValueA

ole32

CoReleaseMarshalData
ReleaseStgMedium
WriteClassStm
CLSIDFromString
CoGetMalloc
OleRegGetUserType
StgOpenStorage
CLSIDFromProgID
CoUninitialize
StgCreateDocfileOnILockBytes

gdi32

GetDIBits
GetRgnBox
SetPixel
CreateCompatibleDC

kernel32

GetFullPathNameA
LockResource
SetFilePointer
IsBadReadPtr
LocalReAlloc
MulDiv
GetCommandLineW
LoadLibraryA
EnumCalendarInfoA
GetThreadLocale
LoadLibraryExA
MoveFileExA
lstrcmpiA
VirtualQuery
GetStdHandle
CreateEventA
HeapFree
GetCurrentProcessId
ExitThread
SetEvent
FreeLibrary
GetStringTypeW
GetACP
GetLastError
InitializeCriticalSection
GetModuleHandleW
RaiseException
GetCurrentProcess
GetSystemDefaultLangID
GetLocalTime
FreeResource
HeapAlloc
GlobalFindAtomA
lstrlenA
Sleep
ExitProcess
LocalFree
WideCharToMultiByte
VirtualAllocEx
SetHandleCount
GetDateFormatA
SetEndOfFile
CreateFileA
DeleteFileA
GlobalAlloc
GetModuleHandleA
VirtualAlloc
SetLastError
MoveFileA
LoadResource
GetProcAddress
SetErrorMode

Sections

CODE
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e606d85c41bc6a09f733b69edfa52cad

Headers

File Characteristics

Imports

version

ole32

gdi32

kernel32

Sections

CODE Size: 96KB - Virtual size: 94KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 2KB

.bss Size: 4KB - Virtual size: 1KB

.gdata Size: 60KB - Virtual size: 59KB

.rsrc Size: 8KB - Virtual size: 7KB

CODE
Size: 96KB - Virtual size: 94KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 2KB

.bss
Size: 4KB - Virtual size: 1KB

.gdata
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 8KB - Virtual size: 7KB