3281f0701714b262a8ec18ee0c836315_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3281f0701714b262a8ec18ee0c836315_JaffaCakes118
Size

52KB
MD5

3281f0701714b262a8ec18ee0c836315
SHA1

0d81ed324f2342981bff401d0dceec958b98f6bf
SHA256

cd7a9d7f758c10b71f56dd18d6489d17f8573e7e4c00d80765a214c879a587f5
SHA512

9b07bdc05444f6346288041ab81ad5a06362240afdca428d65f2a8c8cbd89283d10f885cd81a6d36faac28abf1a4dcc26b2ad4920246be501b2a0fd98fe9f29d
SSDEEP

768:3fjBWDbYjWsLohAE5SJIfK0pCA28uBfJu4YDV074tC88QBlIwSdFZGL2P3R8:PcOLWAE5KIfK0pg9uHK74t+QBlTsq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3281f0701714b262a8ec18ee0c836315_JaffaCakes118

Files

3281f0701714b262a8ec18ee0c836315_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a490a5d66ed3e1991a8a78b39cb5738

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strlen
_stricmp
strcpy
strcat
fopen
fseek
fclose
strncpy

user32

wsprintfA
SendMessageA
wvsprintfA
GetForegroundWindow
GetActiveWindow
WinHelpA
GetDC
ReleaseDC
DrawIconEx
FillRect
DestroyIcon
LoadImageA
GetIconInfo
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
GetWindowLongA
CallWindowProcA
DefWindowProcA
SetWindowLongA
ShowWindow
SetWindowTextA
GetWindowTextA
DestroyWindow
GetParent
GetWindow
CreateWindowExA
GetPropA
SetPropA
GetWindowTextLengthA
SetWindowPos
PostMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
LoadCursorA
LoadIconA
RegisterClassA
GetSysColor
AdjustWindowRect
GetSystemMetrics
GetWindowRect
SetActiveWindow
GetMessageA
TranslateAcceleratorA
GetClassNameA
SetFocus
UnregisterClassA
DestroyAcceleratorTable
GetFocus
IsChild
EnumChildWindows
GetKeyState
CreateAcceleratorTableA
SetCursorPos
SetCursor
SystemParametersInfoA
SetCapture
GetCursorPos
MapWindowPoints
ReleaseCapture
MoveWindow

gdi32

DeleteDC
CreateDCA
StartDocA
StartPage
EndPage
EndDoc
GetCurrentObject
GetTextAlign
GetTextColor
GetBkMode
GetBkColor
GetROP2
SelectObject
SetTextAlign
SetBkMode
SetBkColor
SetROP2
GetDeviceCaps
CreateSolidBrush
CreatePen
SetTextColor
DeleteObject
MoveToEx
LineTo
SetPixelV
Rectangle
Ellipse
GetObjectA
SelectPalette
RealizePalette
GetDIBits
GetObjectType
CreateCompatibleDC
SetStretchBltMode
StretchDIBits
StretchBlt
BitBlt
GetStockObject
TextOutA
CreateCompatibleBitmap
SetDIBits
CreateBrushIndirect
CreateFontA

comdlg32

PrintDlgA
GetSaveFileNameA
GetOpenFileNameA

comctl32

InitCommonControls

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
GetProfileStringA
LoadLibraryA
GetProcAddress
GlobalAlloc
GlobalFree
HeapReAlloc
CreateFileA
ReadFile
CloseHandle
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
MulDiv
SetFilePointer
GetFileSize
WriteFile

shell32

ShellExecuteExA

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 512B - Virtual size: 195B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7a490a5d66ed3e1991a8a78b39cb5738

Headers

File Characteristics

Imports

crtdll

user32

gdi32

comdlg32

comctl32

kernel32

shell32

Sections

.text Size: 41KB - Virtual size: 40KB

.data Size: 6KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 3KB

.flat Size: 512B - Virtual size: 195B

.text
Size: 41KB - Virtual size: 40KB

.data
Size: 6KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 3KB

.flat
Size: 512B - Virtual size: 195B