0e6583418a33453772d38925f331b58b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e6583418a33453772d38925f331b58b_JaffaCakes118
Size

111KB
MD5

0e6583418a33453772d38925f331b58b
SHA1

0238dfe267de6df9219cc6ab4a7e49058f516c30
SHA256

0e33f742712c78b89c24fe43e6c4dc2e9d81ecdeb637333d6495217ba390589b
SHA512

1b8b8a87ea312a392d4a7338a136f902cb4c48e1c20e3f6dd986dcaeb8c810c90d7f2ad75d843ae8d76a4b0223265523978e4ef985493760f33b583aca904974
SSDEEP

3072:4u3VU2wD9RmJEtWvbLoenqQC3Wk3uSu4Rbu58:4P2wD9RmMwEQT43uSuyuW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e6583418a33453772d38925f331b58b_JaffaCakes118

Files

0e6583418a33453772d38925f331b58b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

501e7ef3ed8801a3e7540468bd19b0be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowLongW
RedrawWindow
PtInRect
RegisterWindowMessageW
GetClassNameW
ShowWindow
CharUpperA
RegisterClipboardFormatW
IsRectEmpty
RegisterClassExW
GetIconInfo
LoadStringA
GetTopWindow
GetWindowLongW
ReleaseDC
MapWindowPoints
RemoveMenu
EnumWindows
GetDlgItemTextW
SetWindowsHookExA
SystemParametersInfoA
SetFocus
TrackPopupMenu
DefWindowProcA
EndPaint
SystemParametersInfoW
SetWindowTextW
GetMenuItemCount
InflateRect
LoadBitmapW
RegisterClassA
SetDlgItemTextA
RegisterClassW

kernel32

LoadLibraryA
GetFullPathNameA
MulDiv
ExpandEnvironmentStringsW
VirtualAlloc
SetFileAttributesW
FindFirstFileW
DuplicateHandle
CompareStringA
VirtualQuery
FreeEnvironmentStringsA
TlsAlloc
ExitProcess
GetModuleFileNameW
TlsGetValue
lstrcmpiW
GetCurrentThread
SetFileTime
VirtualFree
InterlockedDecrement
WriteFile
lstrcmpiA
IsValidCodePage
LoadResource
WritePrivateProfileStringA
SetLastError
DeviceIoControl
GetStdHandle
HeapAlloc
GetVolumeInformationW
SetHandleCount
LeaveCriticalSection
lstrlenA
EnumSystemLocalesA
CreateFileW
EnterCriticalSection
GetVersionExW
DeleteCriticalSection
LoadLibraryExW
GetEnvironmentVariableA
GetDriveTypeW

msvcrt

??3@YAXPAX@Z
malloc
iswspace
__getmainargs
__set_app_type
__p__commode
fclose
_exit
??1type_info@@UAE@XZ
exit
_wcsicmp
fprintf
__wgetmainargs
_lock
time
memset
_wcsnicmp
_vsnprintf
isdigit

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

501e7ef3ed8801a3e7540468bd19b0be

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msvcrt

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 92KB - Virtual size: 92KB

.data Size: 15KB - Virtual size: 210KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 92KB - Virtual size: 92KB

.data
Size: 15KB - Virtual size: 210KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B