5a7a6bf6472ca172c43dd183388af44b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5a7a6bf6472ca172c43dd183388af44b_JaffaCakes118
Size

116KB
MD5

5a7a6bf6472ca172c43dd183388af44b
SHA1

0bb7cfd6cb165563002206482e68031e83001128
SHA256

20b6ccac3d46bc6396c229f739cdcc7cd8eb316cae3faf6c0ef64b2a2f3616ee
SHA512

e0a57b589a3e84df14c7b2939253c10898bcaa7adf78eb950b9f98735b7503c5e63e8e44fed0acf4eaf14a429e8abc21c9da0bc1517360c9106d5fdbe5d77755
SSDEEP

3072:HChC6NAN/FuTmngEyyIVVoyCVGp1bnrGL0Tk6:H0CTN/gTagEyx/6GX40Tk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5a7a6bf6472ca172c43dd183388af44b_JaffaCakes118

Files

5a7a6bf6472ca172c43dd183388af44b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cce7bbce77610b9130eb5d1f4d659541

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetProcAddress
HeapSize
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLastError
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
SetFilePointer
FlushFileBuffers
CloseHandle
LoadLibraryExA
ReadFile
GetEnvironmentStrings
WideCharToMultiByte
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
SetStdHandle

user32

DefWindowProcA
GetClientRect
InvalidateRect
DestroyWindow
BeginPaint
DrawTextA
EndPaint
PostQuitMessage
CreateWindowExA
LoadIconA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
ShowWindow
GetSysColorBrush
GetSysColor
FillRect
ReleaseCapture
PtInRect
LoadCursorA
SetCursor
UpdateWindow
SetCapture
CheckRadioButton
SetDlgItemInt
GetSystemMenu
AppendMenuA
SetMenuDefaultItem
GetDC
DrawEdge
IsDlgButtonChecked
ReleaseDC
EndDialog
DialogBoxParamA

gdi32

RealizePalette
CreateHalftonePalette
SelectPalette
StretchDIBits
BeginPath
MoveToEx
LineTo
EndPath
StrokeAndFillPath
CreateBrushIndirect
Ellipse
CreatePen
Rectangle
SetROP2
CreateSolidBrush
SelectObject
SetBkColor
DeleteObject
LPtoDP
GetPixel

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce7bbce77610b9130eb5d1f4d659541

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 36KB - Virtual size: 34KB