03030995e3c46c2408b1887e646dada8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03030995e3c46c2408b1887e646dada8_JaffaCakes118
Size

137KB
MD5

03030995e3c46c2408b1887e646dada8
SHA1

e1ca930d7b3a640952fb1f9c40db23d7e119bd75
SHA256

9e90798a123d4bff40f11b67b3b1a8be80d1763d968c1baddad9afe83c980f97
SHA512

e90af6fa58288ddbb899ea90baf5d6c5fe7af8f9e5dd0f02c7b704704a7b4a988e86d537ef75658f6ac1035f3020b1f772fa26cbb879e36682827893e787f1ea
SSDEEP

3072:fAO4TNEdz7FV5hAH4GVzsgQTpXZkMJOS/xse1K11fI/sG:SNC35GHdVnTSBgHg/sG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03030995e3c46c2408b1887e646dada8_JaffaCakes118

Files

03030995e3c46c2408b1887e646dada8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c84b96fe12338019cd34f2bae5597428

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_acmdln
exit
memcpy
_adj_fdiv_m16i
_controlfp
_initterm
_adjust_fdiv
_XcptFilter
remove
__p__fmode
_wsopen
__p__commode
_exit
_except_handler3
strtol
_wexecv
__set_app_type
__getmainargs
__setusermatherr
_ismbckata

kernel32

LockResource
LCMapStringW
GetStartupInfoA
GetModuleHandleA
QueryPerformanceFrequency
GetLastError
GetDateFormatA
SetErrorMode
QueryPerformanceCounter
LoadResource
VirtualQueryEx
MultiByteToWideChar
SearchPathA
IsBadReadPtr
ExitThread
GetNumberFormatA
lstrcmpiA
WaitForMultipleObjects
LocalFree
GetFileType
GetModuleFileNameA
VirtualProtect
LeaveCriticalSection
GetCurrentDirectoryA
GlobalLock
GetExitCodeThread
FlushFileBuffers
GlobalMemoryStatus
CreateProcessA
GetSystemTimeAsFileTime
PulseEvent
VirtualAlloc
HeapAlloc
RaiseException
GetStringTypeA
CreateThread
FindResourceA
lstrlenA
CreateEventA
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
LoadLibraryA
FreeEnvironmentStringsW
InitializeCriticalSection
GetStringTypeW
GetComputerNameW
GlobalUnlock
HeapCreate
GetCurrentProcessId
SetFilePointer
DuplicateHandle
lstrcmpA

user32

GetWindowRect
OffsetRect
GetDC
BeginPaint
BeginDeferWindowPos
CreateWindowExA
CallWindowProcA
MoveWindow
LoadIconA
SetWindowPos
GetSystemMetrics
EndDialog
DrawFrameControl
GetForegroundWindow
ShowWindow
IsZoomed
GetMenuItemID
IsDlgButtonChecked
SetWindowTextA
InvalidateRect
FrameRect
GetParent
LoadAcceleratorsA
RemoveMenu
MsgWaitForMultipleObjects
EnumChildWindows
SetPropA
LoadMenuA
GetActiveWindow
FindWindowA
EndDeferWindowPos

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c84b96fe12338019cd34f2bae5597428

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 105KB - Virtual size: 144KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 105KB - Virtual size: 144KB

.rsrc
Size: 18KB - Virtual size: 18KB