4552f13be52ac3d229932ae0ed689398_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4552f13be52ac3d229932ae0ed689398_JaffaCakes118
Size

270KB
MD5

4552f13be52ac3d229932ae0ed689398
SHA1

660c2659aa34a1cc6067e957677c023eb4f6b0c9
SHA256

e536444d7ecb862c0c6cd57ae9f5b5db3c2ba24fe459f825c8de09f1c4056b96
SHA512

058a66486d4922fd0336684425ff8b889098cc367bc4560f8e37b221d8e6dc64216723b4784b684fb30a6b8e057ed0c85cca6334c3f262384159f92eb7bc0f1d
SSDEEP

6144:dT0+tQBQKS6tncKYHeUCDuubfQzKT59NcvWCkVrAY9cIWEMMFoJe:dQ+tQBQF6tncKY+UCDuujFt9N9VrNfWY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4552f13be52ac3d229932ae0ed689398_JaffaCakes118

Files

4552f13be52ac3d229932ae0ed689398_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d554a24d57b43a895778a6e4bff91daa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

LoadAlterBitmap
GetFileTitleA
ChooseFontW
GetSaveFileNameW
ReplaceTextW
GetSaveFileNameA
FindTextW
ChooseColorA
GetOpenFileNameW
PrintDlgW
ChooseColorW
ReplaceTextA

gdi32

SetDeviceGammaRamp
GetObjectW
SetMapMode
SelectPalette
PolyPolyline
GetRegionData
GetMetaFileBitsEx
GetTextMetricsW
PaintRgn
GetFontLanguageInfo
GdiPlayJournal
ArcTo
RoundRect
CreateSolidBrush
OffsetViewportOrgEx
GetDCOrgEx

user32

EnumDisplayDevicesA
GetDesktopWindow
LoadImageA

advapi32

RegSetValueA

kernel32

MultiByteToWideChar
GetACP
GetStringTypeA
GetFileType
HeapReAlloc
GetCurrentThreadId
CompareStringA
FreeEnvironmentStringsW
GetStartupInfoW
WaitForSingleObjectEx
SetEnvironmentVariableA
LoadLibraryA
TlsGetValue
GetTimeZoneInformation
GetTickCount
GetStdHandle
IsValidCodePage
FreeLibrary
TlsFree
GetModuleHandleA
GetModuleFileNameA
GetCommandLineA
CompareStringW
GetCurrentProcessId
FreeEnvironmentStringsA
CreateToolhelp32Snapshot
GetCPInfo
GetCurrentProcess
IsDebuggerPresent
GetOEMCP
HeapFree
LCMapStringW
InterlockedDecrement
ExitProcess
GetEnvironmentStringsW
SetConsoleCtrlHandler
UnhandledExceptionFilter
GetCurrentThread
LCMapStringA
GetStringTypeW
GetLastError
HeapCreate
IsValidLocale
VirtualFree
RtlUnwind
GetSystemTimeAsFileTime
GetLocaleInfoW
SetUnhandledExceptionFilter
GetProcAddress
VirtualQuery
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetDateFormatA
TerminateProcess
GetCommandLineW
GetEnvironmentStrings
InterlockedExchange
HeapAlloc
QueryPerformanceCounter
GetProcessHeap
DeleteCriticalSection
FlushConsoleInputBuffer
InterlockedIncrement
VirtualAlloc
CreateDirectoryExA
InitializeCriticalSection
SetHandleCount
WideCharToMultiByte
WriteFile
Sleep
HeapDestroy
TlsSetValue
TlsAlloc
CreateDirectoryW
GetStartupInfoA
GetLocaleInfoA
LeaveCriticalSection
GetTimeFormatA
EnterCriticalSection
SetLastError
GetModuleFileNameW
HeapSize

shell32

SHFileOperation
ShellExecuteEx
SHFormatDrive
SheSetCurDrive
ShellExecuteW

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d554a24d57b43a895778a6e4bff91daa

Headers

File Characteristics

Imports

comdlg32

gdi32

user32

advapi32

kernel32

shell32

Sections

.text Size: 145KB - Virtual size: 144KB

.data Size: 114KB - Virtual size: 113KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 145KB - Virtual size: 144KB

.data
Size: 114KB - Virtual size: 113KB

.rsrc
Size: 10KB - Virtual size: 10KB