371a3ed0bb37700904d8a3622fa49b64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

371a3ed0bb37700904d8a3622fa49b64_JaffaCakes118
Size

148KB
MD5

371a3ed0bb37700904d8a3622fa49b64
SHA1

97758f2ee76788854947156afd2b99b2d534a4ba
SHA256

0a2a6d18ddfe5234a9dfa32cecdd060a3529dfebae70c4940ab26c2f37ed5e01
SHA512

4fe254499520a51bb1bd47216b2df1bf2cb8400cee33d8ab1d65fabe444be7783b7603e62df74f3a6e5c02cb04c9e351d181360e1e77bc2068121ecef194665b
SSDEEP

3072:I+90B8ls1AuQJjE66ZU1MYDQvJaCVUxz:Ngon9Ua

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
371a3ed0bb37700904d8a3622fa49b64_JaffaCakes118

Files

371a3ed0bb37700904d8a3622fa49b64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12af434136ee285ea12344f46cb19aca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
VerFindFileA
GetFileVersionInfoA

gdi32

GetClipBox
LineTo
SetTextColor
GetObjectA
SetBkColor
SelectPalette
GetRgnBox

kernel32

GetStdHandle
GlobalAddAtomA
ExitProcess
GetVersion
GetStringTypeW
GetOEMCP
VirtualAllocEx
GetStartupInfoA
InitializeCriticalSection
GlobalFindAtomA
GlobalDeleteAtom
IsBadReadPtr
ExitThread
GetSystemDefaultLangID
GetModuleHandleA
GetTickCount
GetThreadLocale
LoadResource
LockResource
HeapFree
GetProcAddress
GetProcessHeap
LoadLibraryExA
GetLocaleInfoA
HeapAlloc
RaiseException
GetUserDefaultLCID
GetCommandLineA
GetACP
GetModuleFileNameA
GetStringTypeA
GlobalAlloc
GetCommandLineW
LoadLibraryA
GetLastError
GetLocalTime
GetVersionExA

shell32

DragQueryFileA
SHGetFileInfoA

shlwapi

PathIsDirectoryA
SHQueryValueExA
SHGetValueA
SHDeleteValueA
SHQueryInfoKeyA

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12af434136ee285ea12344f46cb19aca

Headers

File Characteristics

Imports

version

gdi32

kernel32

shell32

shlwapi

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 4KB - Virtual size: 556B

.data Size: 4KB - Virtual size: 1KB

DATA Size: 4KB - Virtual size: 1KB

.adata Size: 12KB - Virtual size: 8KB

.gdata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 4KB - Virtual size: 556B

.data
Size: 4KB - Virtual size: 1KB

DATA
Size: 4KB - Virtual size: 1KB

.adata
Size: 12KB - Virtual size: 8KB

.gdata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB