Static task: static1
Behavioral task: behavioral1
Sample: 439983e300c979adee6b230aa5d14088_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 439983e300c979adee6b230aa5d14088_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 439983e300c979adee6b230aa5d14088_JaffaCakes118
Size: 264KB
MD5: 439983e300c979adee6b230aa5d14088
SHA1: 6310f8864042e4e67ee795de388e3d1c476aa27b
SHA256: c5ae33a6e0c1163854f26a7812bb380eaa29788df2c277edacf956485cfdf9ed
SHA512: 1ac5ff301dae6d6d79a303d0e04f3f6630948e851256bca6b8b4d66d05ba66b5f4613a02238d8c837380ab731f3a97b1a2eb22f7a488160899b0ac119dfa96d5
SSDEEP: 6144:Pa2HNguo2JI/TlfjBD1yhPq4b41Qvzxbi5S86FX7UfEiVxFW1Oz:C2HWuot/n4USRiowf/xFqOz
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 439983e300c979adee6b230aa5d14088_JaffaCakes118
Files
439983e300c979adee6b230aa5d14088_JaffaCakes118.exe windows:4 windows x86 arch:x86
e57dd700ae621d6136c4d390b549201b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
LoadAlterBitmap
GetFileTitleA
ChooseFontW
ChooseFontA
GetOpenFileNameA
FindTextA
PrintDlgW
PageSetupDlgA
GetFileTitleW
ChooseColorW
ReplaceTextW
ReplaceTextA
PageSetupDlgW
GetSaveFileNameA
PrintDlgA
GetSaveFileNameW
FindTextW
gdi32
ExtTextOutW
SetColorAdjustment
user32
GetComboBoxInfo
SendDlgItemMessageA
CharUpperW
shell32
ExtractAssociatedIconW
DragAcceptFiles
SheChangeDirA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
RealShellExecuteExA
SHGetFileInfoA
DragQueryFileAorW
SHEmptyRecycleBinA
SHAppBarMessage
RealShellExecuteExW
SHGetInstanceExplorer
ShellExecuteA
DoEnvironmentSubstA
SHChangeNotify
SHUpdateRecycleBinIcon
CommandLineToArgvW
SHFormatDrive
SHInvokePrinterCommandW
kernel32
GetCurrentThreadId
QueryPerformanceCounter
FreeEnvironmentStringsW
VirtualQuery
GetCommandLineA
GetDriveTypeW
HeapCreate
VirtualFreeEx
GetLocaleInfoW
GetModuleHandleA
TlsSetValue
ExitProcess
CompareStringA
HeapSize
GetWindowsDirectoryA
GetLocaleInfoA
InterlockedIncrement
GetProcessHeaps
GetEnvironmentStrings
GetTimeZoneInformation
lstrcatW
UnhandledExceptionFilter
GetTickCount
InterlockedExchange
GetLastError
WritePrivateProfileSectionW
GetTempPathA
RtlUnwind
WriteFile
WideCharToMultiByte
GetStringTypeW
SetUnhandledExceptionFilter
GetACP
GetCPInfo
LCMapStringA
AddAtomA
DeleteCriticalSection
Sleep
HeapReAlloc
EnterCriticalSection
IsDebuggerPresent
EnumSystemLocalesA
IsValidCodePage
VirtualAlloc
SetConsoleCtrlHandler
LCMapStringW
GetStdHandle
EnumResourceNamesW
GetFileType
OpenFileMappingA
SetHandleCount
LocalLock
GetCurrentProcessId
MultiByteToWideChar
GetCurrentThread
HeapAlloc
TransactNamedPipe
SetLastError
GetEnvironmentStringsW
GetStartupInfoW
SetConsoleOutputCP
GetUserDefaultLCID
GetTimeFormatA
GetConsoleScreenBufferInfo
GetCurrentProcess
GetProcessHeap
GetFileTime
CompareStringW
EnumResourceTypesA
TlsAlloc
EnumSystemCodePagesA
LeaveCriticalSection
TlsFree
GetCalendarInfoA
FreeEnvironmentStringsA
GetProcAddress
InitializeCriticalSection
IsValidLocale
HeapDestroy
TerminateProcess
TlsGetValue
VirtualFree
InterlockedDecrement
GetStringTypeA
GetStartupInfoA
GetCommandLineW
LoadLibraryA
HeapFree
GetVersionExA
SetStdHandle
OpenWaitableTimerA
GetDateFormatA
DeleteFileA
GetModuleFileNameW
GetFileAttributesExW
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetModuleFileNameA
FreeLibrary
GetOEMCP
Sections
.text Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 139KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ