04e2cef77195d75f061bd62d86422625_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04e2cef77195d75f061bd62d86422625_JaffaCakes118
Size

312KB
MD5

04e2cef77195d75f061bd62d86422625
SHA1

2a5a39bc70fdaeeead072421d51f340a8d10ca56
SHA256

ddfbcdc91f71be36af09063980d3165445f8f68d94c825fa5bf3b058742fb1de
SHA512

2f4ec17aa4e47eb54f8a5ce26a5890ed1a4779e19b567d2b017650962ff8a9a2ec03d6a3568f37978338558df63215b0d67b10a61fd6c8975cbb54b4222b9528
SSDEEP

6144:G/vKC1p7YfG6lk+TejFdhov1kePtmWtoFY8fHEyPxk5e7FgR:+vKCQTy+TejF7o9k+4vEyJkE7iR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04e2cef77195d75f061bd62d86422625_JaffaCakes118

Files

04e2cef77195d75f061bd62d86422625_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b892fe9a896b1d57e2cc4a85c398afd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
GetClientRect
SendMessageW
TranslateAcceleratorW
CreateWindowExW
SetDlgItemTextW
GetDlgItem
LoadImageW
ScreenToClient
SetTimer
GetWindowLongW
SetFocus
DestroyWindow
SetWindowLongW
EnumWindowStationsA
CharNextW
GetParent
KillTimer
InvalidateRect
CallWindowProcW

kernel32

VirtualFree
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetLocaleInfoA
GetComputerNameExW
VirtualAlloc
InterlockedDecrement
IsBadCodePtr
GetLastError
HeapCreate
GetStdHandle
GetModuleFileNameA
GetVersionExA
SetFilePointer
FreeEnvironmentStringsW
HeapValidate
ExitProcess
GetCurrentProcessId
GetFileType
GetSystemInfo
OutputDebugStringA
VirtualQuery
InterlockedExchange
GetTickCount
SetThreadAffinityMask
TlsGetValue
GetStringTypeA
UnhandledExceptionFilter
EnterCriticalSection
SetLastError
TlsSetValue
GetProcessHeap
TerminateProcess
InterlockedIncrement
GetEnvironmentStrings
DebugBreak
ExitProcess
MultiByteToWideChar
GetStartupInfoA
LoadLibraryA
DeleteCriticalSection
HeapDestroy
FreeEnvironmentStringsA
GetCommandLineA
WideCharToMultiByte
IsBadReadPtr
GetStringTypeW
GetProcAddress
InitializeCriticalSection
SetStdHandle
LCMapStringA
LeaveCriticalSection
WriteFile
GetCurrentThreadId
SetUnhandledExceptionFilter
GetModuleHandleA
SetHandleCount
LCMapStringW
GetCurrentProcess
IsBadWritePtr
FreeLibrary
RaiseException
CloseHandle
TlsAlloc
QueryPerformanceCounter
HeapFree
FlushFileBuffers
HeapReAlloc
VirtualProtect
HeapAlloc
RtlUnwind
TlsFree

msimg32

TransparentBlt

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b892fe9a896b1d57e2cc4a85c398afd8

Headers

File Characteristics

Imports

user32

kernel32

msimg32

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 121KB - Virtual size: 120KB

.edata Size: 5KB - Virtual size: 76KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 121KB - Virtual size: 120KB

.edata
Size: 5KB - Virtual size: 76KB