Static task
static1
Behavioral task
behavioral1
Sample
2d61b7ef7fa72daeac7f42aff59f53c7_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
2d61b7ef7fa72daeac7f42aff59f53c7_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2d61b7ef7fa72daeac7f42aff59f53c7_JaffaCakes118
Size
697KB
MD5
2d61b7ef7fa72daeac7f42aff59f53c7
SHA1
5f8fc3790831422b8c07f50147771542b7b69f30
SHA256
f42c8fac9c242d3827f45a3a1198e7cbe0f0e51d136b0b8871b3240a2fe13eda
SHA512
3be463f5b2f011f22eb736653a4fc9c53c21018f0a266a3244a24fe1db1f60541428c333a0962c88c02fbbbb44f77bf82de315e5143465d78b64d61dac12e0bb
SSDEEP
12288:YL3fQIKZkuKPbVBJi+G9i0R+FAEyRhtzr765Ud730DQtqbB4N9:XRZNKP3G9i7FAPhJr765GEFe9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2d61b7ef7fa72daeac7f42aff59f53c7_JaffaCakes118
Files
2d61b7ef7fa72daeac7f42aff59f53c7_JaffaCakes118.exe windows:4 windows x86 arch:x86
6063f30d23d975e50ec61a42a21e5bf3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetBkMode
SetBkColor
DeleteObject
user32
SetWindowPos
GetDC
ReleaseDC
GetActiveWindow
DestroyWindow
GetParent
UpdateWindow
TranslateMessage
GetSubMenu
FillRect
SetCapture
ReleaseCapture
SetWindowTextA
CheckMenuItem
GetDlgItem
ScreenToClient
LoadCursorA
IsWindowVisible
InvalidateRect
GetClientRect
kernel32
GetStdHandle
ReleaseMutex
GetFileAttributesA
WaitForSingleObject
HeapDestroy
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetTempPathA
GetCPInfo
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
InitializeCriticalSection
FindClose
GetCurrentThread
GetVersion
GetTickCount
GetCurrentProcessId
GetModuleHandleA
GetLastError
GetCommandLineA
GetCurrentThreadId
ExitProcess
VirtualAlloc
ResetEvent
Sleep
VirtualFree
UnmapViewOfFile
IsValidCodePage
CreateProcessA
SetStdHandle
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
RaiseException
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
CreateProcessW
GetEnvironmentStringsW
LCMapStringA
GlobalFree
GetSystemInfo
HeapCreate
LCMapStringW
InterlockedIncrement
CreateFileA
TlsSetValue
GetFileType
ExpandEnvironmentStringsA
CreateFileMappingA
CompareStringA
FindFirstFileA
GetProcessHeap
GetProcAddress
CreateDirectoryA
GetFileSize
GetStartupInfoA
FreeLibrary
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
CreateThread
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
GetModuleFileNameA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
FormatMessageA
TlsGetValue
Sections
.text Size: 660KB - Virtual size: 982KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ