16dd5d58cc9ba698812d544dd39777ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16dd5d58cc9ba698812d544dd39777ba_JaffaCakes118
Size

286KB
MD5

16dd5d58cc9ba698812d544dd39777ba
SHA1

a86bbc1040ff2ef93ff8edb63f9385026f9d5da3
SHA256

8f548f1034cd47c60c2255dbbda9d37c2872afbec76e71c574b1dca490d8879f
SHA512

5b5eaeb1dd7f3d85186f96a7454422be9c8828a1d0692de04c148a0a3a17fa8b2fbbc996eb3654e5dff8a2d39782e9ae0c4893d4be98c72527a6eefd24c810b4
SSDEEP

6144:uSFn7F8T9RVd5VACJNRQD8yXJodHO1FkUMegQnh3fOem:puXYCJNO4bcAU/nhrm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16dd5d58cc9ba698812d544dd39777ba_JaffaCakes118

Files

16dd5d58cc9ba698812d544dd39777ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91edb6fcc15cba4a47993a56075b629e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
LocalFree
GetLastError
MultiByteToWideChar
lstrcpyA
FormatMessageA
WideCharToMultiByte
GetFileAttributesExA
CompareFileTime
WaitForMultipleObjects
FindFirstChangeNotificationA
CreateEventA
GetFileInformationByHandle
lstrcpyW
GetSystemTime
EnumTimeFormatsW
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReleaseMutex
GetPrivateProfileIntA
WaitForSingleObject
Sleep
GetModuleHandleA
ReadFile
InterlockedExchange
lstrlenW
lstrlenA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
SetEvent
GetVersion
GetCommandLineA
GetTickCount
GetTimeFormatW
VirtualProtect
GetStartupInfoA

user32

CreateWindowExW
GetDC
RedrawWindow
EnableWindow
GetParent
wsprintfW
DrawTextExW
FillRect
DefWindowProcW
GetWindowLongW
LoadCursorW
UnregisterClassW
ShowWindow
GetKeyState
CallWindowProcW
SetWindowPos
GetWindowRect
wsprintfA
ReleaseDC
RegisterClassW
GetFocus
IsWindowEnabled
SendMessageW
SetWindowLongW
IsWindow
MoveWindow
GetClientRect
LoadStringA
DestroyWindow

advapi32

RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA

gdi32

GetStockObject
GetObjectW
CreateFontIndirectW
GetCharWidthW
SelectObject
GetTextExtentPoint32W
DeleteObject
SetBkMode

ole32

CoTaskMemFree
StringFromCLSID
ProgIDFromCLSID
CoCreateFreeThreadedMarshaler

msvcrt

_except_handler3
__setusermatherr
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memcpy
memset
_initterm
_adjust_fdiv
__dllonexit
_onexit
strchr
strrchr
strncpy
memmove
_CxxThrowException
free
malloc
_beginthreadex
strstr
strpbrk
isspace
strtoul
_stricmp
time
srand
__CxxFrameHandler
_controlfp
__set_app_type
__p__fmode
__p__commode

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91edb6fcc15cba4a47993a56075b629e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcrt

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 241KB - Virtual size: 241KB

.data Size: 512B - Virtual size: 238KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 241KB - Virtual size: 241KB

.data
Size: 512B - Virtual size: 238KB

.rsrc
Size: 21KB - Virtual size: 20KB