422db4c4fc65b1db9638d1f9f800a108_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

422db4c4fc65b1db9638d1f9f800a108_JaffaCakes118
Size

394KB
MD5

422db4c4fc65b1db9638d1f9f800a108
SHA1

6a4851a19e1f42bce7dda76bb9413b9ba1d7f409
SHA256

d3c08bec63b2fd99774a57c88bbcc3be449de47f040cbe6415160e1719077fbe
SHA512

1f6efdc2be2a0072ed1a8a85408ef4c70dbccf51ddd8ce0fb2547dc5e85606b4722dc2dff7f5b9817f424f8272f0a918581a7595bd20cbb56cbba30b3e2d7702
SSDEEP

12288:AkeskyhYN8U5d8Xpvuh55DU5gCtAIYL4:FWzhHwrE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
422db4c4fc65b1db9638d1f9f800a108_JaffaCakes118

Files

422db4c4fc65b1db9638d1f9f800a108_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e31dae3ec9ef7fcd99e291507638241f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColorBrush
AppendMenuA
SetWindowContextHelpId
ShowCursor
SendNotifyMessageW
MapVirtualKeyExW
GetThreadDesktop
ScreenToClient
RegisterClipboardFormatA
SetScrollRange
MapWindowPoints
GetInputState
DdePostAdvise
GetWindowRect
DrawMenuBar
GetShellWindow
RegisterWindowMessageA
CharNextA

gdi32

OffsetRgn
GetBrushOrgEx
StrokeAndFillPath
AbortDoc
SetICMProfileA
SetBrushOrgEx
CreateScalableFontResourceA
EnumFontFamiliesExA
LineDDA
GetCharABCWidthsA
AnimatePalette
CreatePolygonRgn
PolyBezier
GetWorldTransform
LPtoDP
GetDIBits
SetPixelFormat
GetROP2
DeleteColorSpace
DPtoLP

advapi32

RegLoadKeyA

shell32

SHInvokePrinterCommandW
SHFreeNameMappings
ShellAboutW
CommandLineToArgvW

kernel32

ExitProcess
GetModuleFileNameW
HeapReAlloc
EnterCriticalSection
GetStdHandle
GetTempFileNameA
TerminateProcess
GetEnvironmentStringsW
IsBadWritePtr
InterlockedExchange
VirtualFree
GetStartupInfoA
GetCurrentProcess
HeapFree
MultiByteToWideChar
GetFileType
GetModuleHandleA
TlsFree
GetTickCount
VirtualAlloc
SetLastError
GetEnvironmentStrings
TlsGetValue
GetSystemTimeAsFileTime
GetCurrentProcessId
FreeEnvironmentStringsA
DeleteCriticalSection
GetCommandLineA
InitializeCriticalSection
VirtualQuery
GetCurrentThread
TlsSetValue
WriteFile
TlsAlloc
QueryPerformanceCounter
GetCommandLineW
LeaveCriticalSection
HeapCreate
GetModuleFileNameA
LoadLibraryA
GetLastError
SetHandleCount
RtlUnwind
GetProcAddress
FreeEnvironmentStringsW
GetStartupInfoW
HeapDestroy
UnhandledExceptionFilter
GetCurrentThreadId
HeapAlloc
GetVersion

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e31dae3ec9ef7fcd99e291507638241f

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shell32

kernel32

Sections

.text Size: 117KB - Virtual size: 117KB

.data Size: 265KB - Virtual size: 265KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 117KB - Virtual size: 117KB

.data
Size: 265KB - Virtual size: 265KB

.rsrc
Size: 10KB - Virtual size: 10KB