06e2068e32c74cd4bea37f256e61f702_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

06e2068e32c74cd4bea37f256e61f702_JaffaCakes118
Size

363KB
MD5

06e2068e32c74cd4bea37f256e61f702
SHA1

039eefc9bed956e74038533982568e04da953f57
SHA256

3c8095e9b9a69d9408833cf198e2bf7c11d647581d5cb4216a82dd70f6c81093
SHA512

abbf542d044cc42c3a048cb12651da7c34f3cbf4cd10b9d76b34b1f64c00bb280d9ce9f5a5e64d044c7af9fb7acac1d08740baa1f7bd6dfcc15ef963b4683be0
SSDEEP

6144:0e2N0dOCGzogTKULqOxmdK4ylktToPHVuIQHQeq2zhF9vCzsXZokGJ:0e2N0drW3THLHmI4gkG9u5HTZZI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
06e2068e32c74cd4bea37f256e61f702_JaffaCakes118

Files

06e2068e32c74cd4bea37f256e61f702_JaffaCakes118
.exe windows:4 windows x86 arch:x86

625710d4987aa95d6de6042bcd7dca83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

4xv1jrmfm.pdb

Imports

rpcrt4

UuidFromStringW
RpcStringFreeW

user32

GetDC
GetDlgItem
ReleaseDC
GetWindowTextW
DialogBoxParamA
DefWindowProcW
GetActiveWindow
InvalidateRect
SendMessageA
RegisterClassA
GetParent
CreateMenu
WinHelpA
SetForegroundWindow
CreateWindowExW
GetSysColorBrush
GetDlgItemTextW
SetWindowTextW
AppendMenuA
GetWindowLongA
ShowWindow
LoadStringW
UpdateWindow
MessageBoxW
GetClientRect
CreateWindowExA
EndPaint
IsWindow
GetWindowRect
GetSysColor
CharUpperA
DestroyMenu
GetDlgItemTextA
BeginPaint
TranslateMessage

olepro32

OleTranslateColor
OleLoadPicture

msvcrt

_wcsicmp
free
strlen
__set_app_type
memset
wcscmp
_initterm
__p__commode
realloc
__CxxFrameHandler
_adjust_fdiv
strncpy
__p__fmode
malloc
__setusermatherr
wcschr
wcslen
_except_handler3
_CxxThrowException
_controlfp
_cexit
wcscat
__initenv
exit
wcsncmp
wcscpy
__getmainargs
_acmdln
_XcptFilter

shlwapi

PathAppendW

kernel32

GetStartupInfoA
MultiByteToWideChar
VirtualAlloc
LocalAlloc
HeapFree
LocalReAlloc
lstrlenW
VirtualProtect
MulDiv
GetVersion
GetCurrentProcess
lstrcmpA
lstrcpynW
GetModuleHandleA
ReadFile
LocalFree
GlobalFree
lstrcpyW
ExitProcess
CloseHandle
GlobalAlloc
GetPrivateProfileIntW
GetACP

winmm

sndPlaySoundW
timeGetTime

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

InitCommonControls
ImageList_ReplaceIcon

shell32

ExtractIconExA
DragFinish
DragQueryFileA

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
VerLanguageNameW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ole32

OleUninitialize

gdi32

GetStockObject
SelectObject
SetBkColor
CreateCompatibleDC
DeleteObject
BitBlt
TextOutA
CreateSolidBrush
CreateCompatibleBitmap

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 346KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

625710d4987aa95d6de6042bcd7dca83

Headers

File Characteristics

PDB Paths

Imports

rpcrt4

user32

olepro32

msvcrt

shlwapi

kernel32

winmm

comdlg32

comctl32

shell32

version

ole32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 346KB - Virtual size: 346KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 346KB - Virtual size: 346KB