03be069a88d5bdd4ee0db5763c05bcce_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03be069a88d5bdd4ee0db5763c05bcce_JaffaCakes118
Size

82KB
MD5

03be069a88d5bdd4ee0db5763c05bcce
SHA1

7dd235fced09c7a7c5ca5f9802b450231e543ee3
SHA256

c81652edd3ccf730035f2d56df752e0a5e43c89b7360cd9243484d1bbe8fa036
SHA512

fd1d684069a95c657ece9c2b632ab79220c8ff9c1e4e8eb7ec8e95914cf04aa1654de9daffe40c228c76d8bbe9590164b94e740a88dd8af64519a00b00ced4a5
SSDEEP

1536:h/xZLTAncqdhdZAeMSSVIbVJgncq+k3Wh2Q4ghfe/b3s3+EttvLaPXFr:h5ZHKcAJbVJO+k3WUs1e/7s3+ClOXFr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03be069a88d5bdd4ee0db5763c05bcce_JaffaCakes118

Files

03be069a88d5bdd4ee0db5763c05bcce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb82049d1a0ca7db70160f0dca99ca37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
GlobalAddAtomA
ExitProcess
GetProcAddress
LoadLibraryA
FreeLibrary
VirtualFree
Sleep
GetProcessHeap
GetStringTypeA
LockResource
HeapDestroy
HeapAlloc
DeleteCriticalSection
GlobalDeleteAtom
GetUserDefaultLCID
GetCPInfo
LoadResource
GetStartupInfoA
GetEnvironmentStrings
VirtualAlloc
FreeResource
CreateThread
GetCurrentProcessId

version

VerInstallFileA
VerFindFileA
GetFileVersionInfoA

user32

GetTopWindow
CharUpperBuffA
AdjustWindowRectEx
CharLowerA
MsgWaitForMultipleObjects
EmptyClipboard
DefFrameProcA
GetScrollPos
ActivateKeyboardLayout
SystemParametersInfoA
DrawIconEx
DrawIcon
EnableWindow
CheckMenuItem
IsWindowVisible
DrawTextA
RegisterClassA
GetMenuItemInfoA
GetClientRect
SetTimer
IsDialogMessageA
IsWindowUnicode
GetMenu
GetLastActivePopup
RegisterClipboardFormatA
InflateRect
ReleaseCapture
DrawFrameControl
GetClassInfoA
CallWindowProcA
IsWindowEnabled
CreatePopupMenu
DeleteMenu
IsZoomed
PostMessageA
TrackPopupMenu
GetSystemMetrics
SetMenuItemInfoA
LoadKeyboardLayoutA
BeginPaint
LoadIconA
ScreenToClient
GetWindowPlacement
RedrawWindow
MoveWindow
PostQuitMessage
TranslateMessage
ScrollWindow
DestroyCursor
PtInRect
SetCursor
IsCharLowerA
UpdateWindow
MapWindowPoints
SetCapture
RegisterWindowMessageA
GetClassNameA
FrameRect
DefMDIChildProcA
GetWindow
EnumChildWindows
GetIconInfo
IntersectRect
ReleaseDC

Exports

Exports

_0J385HWGuAmxKo@12
uUSf7xAmz@16

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb82049d1a0ca7db70160f0dca99ca37

Headers

File Characteristics

Imports

kernel32

version

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 36KB

.edata Size: 47KB - Virtual size: 47KB

.adata Size: 1024B - Virtual size: 864B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 36KB

.edata
Size: 47KB - Virtual size: 47KB

.adata
Size: 1024B - Virtual size: 864B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 8KB