294c2169d5102e555c31f0e650415f37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

294c2169d5102e555c31f0e650415f37_JaffaCakes118
Size

405KB
MD5

294c2169d5102e555c31f0e650415f37
SHA1

8b06b4304eaca2469adc9cf717a73d0757d30350
SHA256

2999b8fa05a9310cfd128afd76e42f69b8e5fbac1886531e62af8ab14f44d6a0
SHA512

9b64ce663aaa68a2e56eae0f9d1cae03256313123d85aa82d1caeb80a87b81073e413ab9ce9d2bd6d7851868c1fe3c5dd4ce76d910f9af4b0e455d29fae15bdc
SSDEEP

3072:oik+tkY/8jrQvN8qmrkvTIVXHdFBcbAsG6NPHBjt6X39lJTntvc6zty2WZVxVgFb:rNcrQvNIYOXPp6NpjYntvc6crOvYN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
294c2169d5102e555c31f0e650415f37_JaffaCakes118

Files

294c2169d5102e555c31f0e650415f37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34ee43e3af8117a77c1e3d4b8c9fe589

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringW
GetMessageW
TranslateMessage
DispatchMessageW
LoadIconW
LoadCursorW
RegisterClassExW
SetTimer
DefWindowProcW
MessageBoxW
BeginPaint
GetWindowRect
MoveWindow
EndPaint
PostQuitMessage
SetFocus
PostMessageW
CreateWindowExW
UpdateWindow
ShowWindow
LoadBitmapW
DestroyWindow
InvalidateRect
SetWindowTextA
GetParent
GetMenuItemID
GetMenu
FrameRect
DrawFocusRect
DrawFrameControl
SetWindowLongA
DialogBoxIndirectParamA
GetClassNameA

kernel32

LCMapStringEx
HeapSize
GetStringTypeW
HeapReAlloc
RtlUnwind
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
GetACP
IsValidCodePage
Sleep
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
CreateFileW
GetStartupInfoA
GetTempPathW
GetCommandLineW
SleepEx
GetModuleHandleW
GetSystemInfo
lstrcatW
lstrcpyW
GetVersionExW
GetLastError
FlushFileBuffers
GetConsoleCP
SetStdHandle
GetConsoleMode
WriteConsoleW
SetFilePointerEx
GetOEMCP
GetProcAddress
GetCommandLineA
SetLastError
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
CloseHandle
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException

gdi32

CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC

comdlg32

GetOpenFileNameA

comctl32

ord17

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34ee43e3af8117a77c1e3d4b8c9fe589

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

comdlg32

comctl32

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 74KB - Virtual size: 87KB

.rsrc Size: 62KB - Virtual size: 62KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 74KB - Virtual size: 87KB

.rsrc
Size: 62KB - Virtual size: 62KB