00da45068f2e11b3638a9fe73377dabb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00da45068f2e11b3638a9fe73377dabb_JaffaCakes118
Size

160KB
MD5

00da45068f2e11b3638a9fe73377dabb
SHA1

3457d02155cdf48669cfd5c6aee1e7af6c8e87fa
SHA256

057350c26d31d44b937d5b3660759f45e717c22d30efbb388bc42f7f1ddef3a1
SHA512

afdd7976f61b5bf5318dcf86a0d124ca48ffbf1a178d31474d52437ec43225563aad2f29aae7a80d0a5301f831831f62a4921294ae5252e2b5f0e0a5c24ea68b
SSDEEP

3072:B/rEc2N6BxDZ1XTwI3l/JwFQhopQzTgPduetq/vlXuxe5ME+nVUr1:B/rEdN6d1DwI3wQ4mQdpwnl295S5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00da45068f2e11b3638a9fe73377dabb_JaffaCakes118

Files

00da45068f2e11b3638a9fe73377dabb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11c32b44fec62c502d36156c69577bbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

WriteFile
GetTimeFormatA
GetDateFormatA
GetLocalTime
_lclose
GetPrivateProfileSectionA
FindClose
ReadFile
GetModuleFileNameA
GetLocaleInfoA
GetUserDefaultLCID
GetWindowsDirectoryA
GetPrivateProfileStringA
CreateMutexA
CompareStringA
lstrlenA
OpenFile
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
CloseHandle
CompareStringW
SetEnvironmentVariableA
GetVersionExA
lstrcpynA
GetShortPathNameA
lstrcatA
ReleaseMutex
lstrcpyA
GetLastError
FindFirstFileA
GetTimeZoneInformation
GetStartupInfoA
GetModuleHandleA
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
HeapReAlloc
VirtualAlloc
SetFilePointer
GetOEMCP
GetCommandLineA
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStrings
FreeEnvironmentStringsW
FlushFileBuffers
SetStdHandle
GetVersion
ExitProcess
UnhandledExceptionFilter
GetCurrentProcess
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
TerminateProcess
WideCharToMultiByte
HeapAlloc
RtlUnwind
IsBadCodePtr
GetEnvironmentStringsW
FileTimeToLocalFileTime
MultiByteToWideChar
FileTimeToSystemTime
HeapFree

user32

GetDlgItem
GetDlgItemTextA
LoadCursorA
EnumChildWindows
SetCursor
GetParent
SetWindowLongA
PostMessageA
wsprintfA
SendMessageA
LoadStringA
SetFocus
SetDlgItemTextA
GetWindowTextLengthA
FillRect
MessageBoxA
EndPaint
DefWindowProcA
SetRect
ScreenToClient
LoadIconA
GetMessageA
DispatchMessageA
RegisterClassExA
RegisterClassA
CreateWindowExA
GetDlgCtrlID
SetWindowTextA
BeginPaint
LoadBitmapA
GetWindowRect
TranslateMessage

gdi32

SelectObject
CreateCompatibleDC
BitBlt
CreateSolidBrush
GetObjectA
DeleteObject
DeleteDC

comdlg32

CommDlgExtendedError
GetSaveFileNameA

advapi32

RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

11c32b44fec62c502d36156c69577bbf

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 38KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 38KB

.rsrc
Size: 76KB - Virtual size: 76KB