310ac1ff6238d1eb61e16293f31760b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

310ac1ff6238d1eb61e16293f31760b4_JaffaCakes118
Size

271KB
MD5

310ac1ff6238d1eb61e16293f31760b4
SHA1

c1b31649e888da235c44384a486efc484c135b11
SHA256

5a23da96ea45c777ed7e6141c0f7e3c911239b042535be28c46903efa60bff9c
SHA512

622fc59aa87100d00bedecd2e5741be7d418076cc166374e4fb837dfb41e17c972325219889ca2027c046f886cc7c464293f3bc3e96bd70b9d7b7004298938dc
SSDEEP

6144:IO1t2OgJYQ7K9qbf0WsiaxdiM65+Xxb+uaVnEnYxBI9cJEk4yRFPThEwg+APhp:IOv2OgJYQ7Kmf0tiaxdiM65+Xxb+uGE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
310ac1ff6238d1eb61e16293f31760b4_JaffaCakes118

Files

310ac1ff6238d1eb61e16293f31760b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

02f7d276daa63d97aea65ad286e0f8a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
ExitThread
HeapCreate
ExpandEnvironmentStringsA
RtlUnwind
GetLocaleInfoA
GetVersion
GetCurrentProcess
GetDateFormatA
VirtualAlloc
InitializeCriticalSection
GetUserDefaultLCID
HeapReAlloc
GetACP
VirtualProtectEx
FreeEnvironmentStringsW
lstrcmp
HeapSize
GetModuleFileNameA
CompareStringA
GetLastError
ExitProcess
EnterCriticalSection
GetFileType
WriteFile
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetEnvironmentStrings
SetConsoleWindowInfo
GetStringTypeW
QueryPerformanceCounter
TlsAlloc
LCMapStringA
GetConsoleTitleA
IsValidLocale
SetHandleCount
LocalUnlock
HeapAlloc
GetCommandLineA
HeapFree
GetComputerNameW
VirtualProtect
GetCurrentProcessId
GetMailslotInfo
GetLocaleInfoW
WideCharToMultiByte
LeaveCriticalSection
GetStringTypeA
lstrcpynW
EnumSystemLocalesA
GetOEMCP
WriteProfileStringW
TlsSetValue
LCMapStringW
MultiByteToWideChar
LoadModule
VirtualFree
UnhandledExceptionFilter
TlsGetValue
FindFirstFileExA
SystemTimeToFileTime
IsValidCodePage
GetStringTypeExW
TerminateThread
GetLocalTime
GetStdHandle
GetProcAddress
FreeEnvironmentStringsA
GetCPInfo
SetStdHandle
GetVersionExA
InterlockedExchange
GetSystemInfo
TlsFree
GetCurrentThread
VirtualQuery
SetLastError
SetEnvironmentVariableA
FindAtomA
HeapDestroy
GetCurrentThreadId
GetTimeFormatA
VirtualFreeEx
TerminateProcess
DeleteCriticalSection
GetTimeZoneInformation
DeleteFileA
GetModuleHandleA
IsBadWritePtr
GetEnvironmentStringsW
GetStartupInfoA

comdlg32

GetOpenFileNameA
GetFileTitleW
ChooseFontA
PageSetupDlgA
ChooseColorW
GetSaveFileNameA
GetSaveFileNameW
GetFileTitleA
FindTextW
FindTextA
ChooseColorA
GetOpenFileNameW
PageSetupDlgW

gdi32

FixBrushOrgEx
EndDoc
StartDocW
GetRgnBox
StartDocA
GetCharABCWidthsA
OffsetRgn
BeginPath
GetTextFaceW
CreateCompatibleDC
FillRgn
PolylineTo
ScaleWindowExtEx
SetTextCharacterExtra
CopyMetaFileA
CreateDCA

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02f7d276daa63d97aea65ad286e0f8a1

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

Sections

.text Size: 124KB - Virtual size: 123KB

.data Size: 136KB - Virtual size: 136KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 124KB - Virtual size: 123KB

.data
Size: 136KB - Virtual size: 136KB

.rsrc
Size: 10KB - Virtual size: 9KB