38f247762b23ddcd7a0fc182669d23c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38f247762b23ddcd7a0fc182669d23c5_JaffaCakes118
Size

1.5MB
MD5

38f247762b23ddcd7a0fc182669d23c5
SHA1

0a81eba52f01fbf584ddb99d548ff1779196a186
SHA256

f3153a9e7fc586c86168195e5a53a8085c0e7fbdf0a93f751dd5f66f35edefc7
SHA512

132e982da530831f44dac1ca3ef350d9c996c0554d3b8aeac0564f2859f00acae162101047764940996684b1a54d82c51a8ccc2426abce1d0b60c75e57a5214c
SSDEEP

24576:VqRTZW+grVQQb7tIwNI5bBUD5aMqfg0p2TdCQ2STacyDjOubnISmOF8W28u8W+zx:V9JQQbRM51Y5Sg1cQ2STHWZmOF2x8X1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38f247762b23ddcd7a0fc182669d23c5_JaffaCakes118

Files

38f247762b23ddcd7a0fc182669d23c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a994a064929b9db82b57c05917f6f216

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
GetDeviceCaps
DeleteObject
SetBkColor
CreateCompatibleBitmap

kernel32

GetCommandLineA
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GetLastError
GetCurrentThread
GetTickCount
ExitProcess
HeapAlloc
GetProcessHeap
VirtualAlloc
FindResourceA
Sleep
VirtualFree
UnmapViewOfFile
IsValidCodePage
CreateProcessA
SizeofResource
InterlockedExchange
GetModuleHandleW
CloseHandle
ReadFile
RaiseException
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetEnvironmentStrings
GetShortPathNameA
lstrlenW
GlobalUnlock
GetThreadLocale
LCMapStringA
lstrlenA
GetSystemInfo
HeapCreate
LCMapStringW
LeaveCriticalSection
CreateFileA
GetFileType
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
GlobalLock
FindFirstFileW
CompareStringA
FindFirstFileA
GetProcAddress
DeleteFileW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
SetEndOfFile
VirtualQuery
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
IsDebuggerPresent
GetModuleFileNameW
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
GetExitCodeProcess
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
GetStdHandle

user32

ScreenToClient
EndDialog
SetWindowLongA
GetWindowRect
GetSystemMetrics
DefWindowProcA
FillRect
SetTimer
LoadCursorA
ShowWindow
GetParent
DestroyWindow
SendMessageA
GetCursorPos
EndPaint
SetWindowPos
LoadIconA
MessageBoxA
IsWindowVisible
TranslateMessage
InvalidateRect

oleaut32

SysAllocStringLen
SysStringLen
VariantClear
SysAllocString

Sections

.text
Size: 1.5MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a994a064929b9db82b57c05917f6f216

Headers

File Characteristics

Imports

gdi32

kernel32

user32

oleaut32

Sections

.text Size: 1.5MB - Virtual size: 1.8MB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 13KB - Virtual size: 13KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 1.5MB - Virtual size: 1.8MB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 60KB - Virtual size: 60KB