303aafdca223473519ba82605fc84670_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

303aafdca223473519ba82605fc84670_JaffaCakes118
Size

214KB
MD5

303aafdca223473519ba82605fc84670
SHA1

c886ad8cd3a0202fb6d0ed80cf52bc24f3bd68d2
SHA256

45a35649e6c54f9ca933bcc1acf047f2cbece55269bf480e370218408198abe4
SHA512

83a9b2befcec79f50829fd0c51ffca25fb5d2b76684f865a9b82f2f143930025605d3e2c34ca20aec6213bccdb4fd00e7023cd078aaeb81e5766b43734421b56
SSDEEP

6144:GfXNkPfTMV3g1pjsOLyYxRhYalSWNr+ND:ImPfTMyIlYxRhJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
303aafdca223473519ba82605fc84670_JaffaCakes118

Files

303aafdca223473519ba82605fc84670_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6f6fa555eac8390569bd1148cc22382f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
LoadLibraryW
MultiByteToWideChar
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
HeapSize
FreeEnvironmentStringsW
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
HeapReAlloc
CreateFileW
FlushFileBuffers
GetModuleHandleW
HeapCreate
CloseHandle
GetModuleFileNameA
LoadLibraryA
GlobalFree
GetProcAddress
GetLastError
HeapAlloc
GetTickCount
IsProcessorFeaturePresent
EncodePointer
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCurrentProcess
WideCharToMultiByte
GetCommandLineA
HeapFree

user32

GetMenu
MoveWindow
GetWindow
DestroyWindow
GetMessageA
SetActiveWindow
LoadMenuIndirectA
RegisterClassExA
PostQuitMessage
IsIconic
SetCapture
KillTimer
IsZoomed
GetFocus
LoadMenuA
LoadIconA
GetClientRect
EnumWindows
PtInRect
TranslateMessage
ChildWindowFromPoint
MessageBoxA
InvalidateRect
UnregisterClassA
GetWindowLongA
CreateWindowExA
ReleaseDC
DefWindowProcA
RedrawWindow
LoadAcceleratorsA
ShowWindow
CreatePopupMenu
DispatchMessageA
GetSystemMetrics
CloseWindow
UpdateWindow
DestroyMenu
LoadCursorA
DialogBoxParamA

gdi32

DeleteDC
CreateFontIndirectA
SetPixel
DeleteObject
SelectObject
GetStockObject

winspool.drv

EndPagePrinter
ClosePrinter

comdlg32

PrintDlgA

advapi32

RegOpenKeyExW
CheckTokenMembership
FreeSid
RegDeleteValueW

shell32

Shell_NotifyIconA

oleaut32

GetErrorInfo

ws2_32

WSAStartup

mpr

WNetCloseEnum
WNetGetUniversalNameA
WNetEnumResourceA

iphlpapi

GetIpAddrTable

shlwapi

StrStrA

Sections

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 164KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f6fa555eac8390569bd1148cc22382f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

oleaut32

ws2_32

mpr

iphlpapi

shlwapi

Sections

.data Size: 34KB - Virtual size: 34KB

.rdata Size: 13KB - Virtual size: 13KB

.text Size: 164KB - Virtual size: 171KB

.rsrc Size: 1KB - Virtual size: 9KB

.data
Size: 34KB - Virtual size: 34KB

.rdata
Size: 13KB - Virtual size: 13KB

.text
Size: 164KB - Virtual size: 171KB

.rsrc
Size: 1KB - Virtual size: 9KB