69770b6980542f2976f2ea92a3bc1d79_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

69770b6980542f2976f2ea92a3bc1d79_JaffaCakes118
Size

361KB
MD5

69770b6980542f2976f2ea92a3bc1d79
SHA1

fb9bfc0c8e1adae6a331e5da3c44ff9888e24c12
SHA256

47fefffd99aae6053725b5d8a99c8ca94030266574d9ba0c172f67a20219da9d
SHA512

57cd869079cf3a13ce8a741dabb7c0a51c049019682528912302ec965e6b17f42a9eab7a005f9b751681c2aed8cc077641627a72506836ad1aba3b9258b2d38e
SSDEEP

6144:eHX1CzH1GARJnC29QJYLw2b6HjNZDU3gqqYg7nIrcWSFY:IgPJV6c6DvU3gqqYmtv2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
69770b6980542f2976f2ea92a3bc1d79_JaffaCakes118

Files

69770b6980542f2976f2ea92a3bc1d79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

819a803e630b8b0fde69152e177dc309

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalAlloc
WriteFile
MoveFileA
SetFileTime
CreateFileA
ExpandEnvironmentStringsA
GetModuleHandleA
GetFileAttributesA
LoadLibraryA
DeleteFileA
ExitProcess
SetFilePointer
GetFileSize
ReadFile
GetProcAddress
GetWindowsDirectoryA
SearchPathA
FreeLibrary
GlobalUnlock
WaitForSingleObject
GetTempFileNameA
GetExitCodeProcess
Sleep
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
GetDiskFreeSpaceA
GetLastError
FindNextFileA
GetTickCount
GlobalFree
GetShortPathNameA

user32

OpenClipboard
LoadImageA
CreateDialogParamA
CheckDlgButton
GetClientRect
FillRect
CreateWindowExA
GetDC
ScreenToClient
SetWindowTextA
CharPrevA
DialogBoxParamA
SetDlgItemTextA
CloseClipboard
GetDlgItemTextA
GetDlgItem
IsWindowEnabled
wsprintfA
SetClipboardData
GetSysColor
LoadCursorA
DefWindowProcA
SendMessageA
SetCursor
SetClassLongA
ShowWindow
GetSystemMetrics
BeginPaint
LoadBitmapA
DrawTextA
PeekMessageA
DispatchMessageA
GetWindowRect
CreatePopupMenu
RegisterClassA
EndPaint
SetWindowPos
GetClassInfoA

comctl32

ImageList_Merge
ImageList_SetImageCount
ImageList_GetBkColor

advapi32

EncryptedFileKeyInfo
LsaEnumerateTrustedDomains
RegCloseKey

Sections

.text
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

819a803e630b8b0fde69152e177dc309

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 75KB - Virtual size: 76KB

.data Size: 143KB - Virtual size: 142KB

.rdata Size: 120KB - Virtual size: 120KB

.bss Size: - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 2KB

.crt Size: 512B - Virtual size: 54B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 75KB - Virtual size: 76KB

.data
Size: 143KB - Virtual size: 142KB

.rdata
Size: 120KB - Virtual size: 120KB

.bss
Size: - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 2KB

.crt
Size: 512B - Virtual size: 54B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 17KB - Virtual size: 17KB