2f7eda885af3fac705b2d0b4f830012b_JaffaCakes118

General

Target

2f7eda885af3fac705b2d0b4f830012b_JaffaCakes118
Size

5KB
MD5

2f7eda885af3fac705b2d0b4f830012b
SHA1

f3875c282f24b956a98881457df6fd2c7d1f6aff
SHA256

0ed6b8b62fb33a468eea989db642e692cf45e6f95f5f8d569f03096e0e42ba75
SHA512

c6c1c18cb27aef1fb2684030b057f6d7b5842f86b6bfbabfe952473008a35b74d51f7c74006c4fe8d0412b70b109305a92ea7c4afd249d8dd8ac7bc78bfd2f2a
SSDEEP

96:X9hqCqZAE6gN9Gcs60GS6aCiy1U17veQiAyKs0lAzVbPbWd99iDtKYLI9WM:vHq2E6gL46dsC/y17GQiARmVsji51IR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Capture/Capture.exe

Files

2f7eda885af3fac705b2d0b4f830012b_JaffaCakes118
.rar
Capture/Capture.exe
.exe windows:4 windows x86 arch:x86

654d660412b44ccb7fb84b22efd2367f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
SetWindowTextA
SetWindowPos
SetFocus
SetCursor
SetCapture
SendMessageA
ReleaseDC
ReleaseCapture
MessageBoxA
MessageBeep
LoadCursorA
InvalidateRect
GetSystemMetrics
GetParent
GetDlgItem
GetDC
GetClientRect
EndPaint
EndDialog
DialogBoxParamA
CreateDialogParamA
CopyImage
CheckDlgButton
BeginPaint
wsprintfA

kernel32

lstrlenA
lstrcmpA
WideCharToMultiByte
Sleep
ExitProcess
GetCurrentDirectoryA
GetModuleHandleA
GetVersion
GlobalAlloc
GlobalFree
MultiByteToWideChar
RtlZeroMemory

comctl32

InitCommonControls

gdi32

LineTo
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreatePen
DeleteDC
DeleteObject
MoveToEx
SelectObject

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdiplusShutdown
GdiplusStartup
GdipSaveImageToFile

comdlg32

GetSaveFileNameA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

654d660412b44ccb7fb84b22efd2367f

Headers

File Characteristics

Imports

user32

kernel32

comctl32

gdi32

gdiplus

comdlg32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB