531d6f1c95cd288e3e427e8c2ad43852_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

531d6f1c95cd288e3e427e8c2ad43852_JaffaCakes118
Size

265KB
MD5

531d6f1c95cd288e3e427e8c2ad43852
SHA1

a294cccae0fb738aa7a553706255a82fe9778c88
SHA256

edd20a94720762c3c0f6d073994b3e00b8df505f1c6ab90de228e1f108da92eb
SHA512

7166ef66cf902cae7c5f18079fc2c863e2cc08ef4cdf43b47da4fea628b2561457d63fc0d49424fe9e9d71ce69e9ed30265e24b5b5363706b85c8004879eef09
SSDEEP

3072:QaKHjSobYmADVAEjj2U35tpiDkepeadUc2NNHuNKr91XUrwZKNGmYcgzSVv8euhD:ISobYmADV1PFiDH2NMNGPU4KNG1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
531d6f1c95cd288e3e427e8c2ad43852_JaffaCakes118

Files

531d6f1c95cd288e3e427e8c2ad43852_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ac1244d956af0a5287075d8a78e81b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
EnumSystemCodePagesA
GetVersionExA
LoadLibraryExW
RtlUnwind
GetLocaleInfoW
GetFileSize
GetCurrentProcess
GetEnvironmentStrings
VirtualAlloc
HeapSize
GetTimeZoneInformation
HeapReAlloc
GetCommandLineA
EnumResourceTypesA
GetCPInfo
CompareStringW
UnhandledExceptionFilter
GetModuleFileNameA
EnterCriticalSection
GetLocaleInfoA
TlsSetValue
FreeEnvironmentStringsW
GetLastError
TlsFree
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetEnvironmentStringsW
LocalCompact
GetStdHandle
QueryPerformanceCounter
MultiByteToWideChar
IsDebuggerPresent
VirtualFree
InterlockedIncrement
LCMapStringW
WritePrivateProfileSectionW
HeapAlloc
GetCurrentThread
HeapFree
GetDateFormatW
Sleep
GetCurrentProcessId
GetPriorityClass
GetModuleFileNameW
TlsAlloc
IsValidLocale
GetStartupInfoW
GlobalFindAtomA
FreeLibrary
GetOEMCP
DeleteCriticalSection
SetHandleCount
IsValidCodePage
GetConsoleTitleA
GetNamedPipeInfo
SetUnhandledExceptionFilter
SetLastError
SetEnvironmentVariableA
LockFile
CompareStringA
InterlockedDecrement
TlsGetValue
lstrlen
SetEnvironmentVariableW
GetStartupInfoA
GetProcAddress
GetACP
GetCommandLineW
FreeLibraryAndExitThread
GetUserDefaultLCID
InterlockedExchange
WideCharToMultiByte
SetConsoleCtrlHandler
GetDateFormatA
VirtualQuery
LeaveCriticalSection
LCMapStringA
VirtualUnlock
HeapCreate
GetCurrentThreadId
GetStringTypeW
EnumResourceTypesW
TerminateProcess
FreeEnvironmentStringsA
GetTimeFormatA
GetCurrencyFormatA
WriteFile
InitializeCriticalSection
GetFileType
GetProcessHeap
TryEnterCriticalSection
ExitProcess
HeapDestroy
WriteConsoleOutputA
GetStringTypeA
GetModuleHandleA

comdlg32

ChooseColorA
GetOpenFileNameW
PageSetupDlgW
ChooseFontA
GetOpenFileNameA
FindTextA
ChooseColorW
PageSetupDlgA
GetFileTitleW
PrintDlgA
GetSaveFileNameW
FindTextW
LoadAlterBitmap
ReplaceTextW
ChooseFontW

gdi32

TranslateCharsetInfo
CreateDIBPatternBrush
ScaleViewportExtEx
EnumICMProfilesW
StrokePath
GetTextExtentExPointW

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ac1244d956af0a5287075d8a78e81b2

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

Sections

.text Size: 113KB - Virtual size: 112KB

.data Size: 138KB - Virtual size: 137KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 113KB - Virtual size: 112KB

.data
Size: 138KB - Virtual size: 137KB

.rsrc
Size: 13KB - Virtual size: 12KB