34b5c19bb4b1d258e3206c742231f726_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

34b5c19bb4b1d258e3206c742231f726_JaffaCakes118
Size

109KB
MD5

34b5c19bb4b1d258e3206c742231f726
SHA1

9352344c88213ca909f85ef5fdb19dbe2454bc47
SHA256

908bd4901496e5c09ad13f257bef960e39d26eee9eda1bcc89246150741ecea1
SHA512

0d196cd5bdcc7a4b51db582567c6a93d84eb1ff4b7900da8c7924ffe134300110593d7fa6d3dbe0cdf719724b298995aad4695ec47b10c8e19e19ac6df501fa4
SSDEEP

1536:o2VGqKF4ZsbkGZL2UCwFXKtL1rKkPIDHj3QUYoJfs6ITqaA890/z0CTKVoXQwKj:o2RKFJbNdNrFX4hKrDDQ1oJfCd9Cngb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34b5c19bb4b1d258e3206c742231f726_JaffaCakes118

Files

34b5c19bb4b1d258e3206c742231f726_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c928449b1a8f1b52d68991771002cf6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalReAlloc
GetCurrentThreadId
GetSystemDirectoryA
CreateDirectoryA
GetSystemInfo
CreateProcessA
GetCurrentThread
GetFileType
GetTimeFormatW
GetProcAddress
SetFilePointer
GetModuleHandleW
CompareStringA
CloseHandle
LoadLibraryW
IsBadWritePtr
QueryPerformanceCounter
ExitProcess
lstrcatA
GetExitCodeProcess
GlobalAlloc
LoadLibraryA
FindNextFileW
GetWindowsDirectoryW
CreateDirectoryW
WriteConsoleW
HeapFree
GetModuleHandleA
TerminateThread
GetLastError
SetUnhandledExceptionFilter

tapi32

lineOpenW
lineDevSpecificFeature
lineSetupConference
lineAddToConference

msvcrt

isdigit
_wcsnicmp
atoi
wcsncmp
_wtoi
strncpy
towupper
__p__commode
_acmdln
strcpy
memcpy
wcsncpy
memset
__wgetmainargs
_iob
_vsnprintf

user32

OpenClipboard
RegisterMessagePumpHook
InvalidateRect
ReleaseDC
MsgWaitForMultipleObjects
DialogBoxParamW
LoadAcceleratorsW
GetWindowPlacement
LoadCursorW
GetMenuItemCount
RemoveMenu
GetDlgItem
DeleteMenu
SetScrollPos
GetAsyncKeyState
LoadStringW
DispatchMessageA
RealChildWindowFromPoint
LoadMenuA
SetCapture
SystemParametersInfoW
GetKeyState
PostQuitMessage
ShowWindow

gdi32

SetTextColor
SelectPalette
CreatePen
SetMapMode
PatBlt
CreateSolidBrush
CreateFontIndirectA
SetPixel
BitBlt
SetBkColor
DeleteDC
GetDeviceCaps
SelectObject
SaveDC
CreateCompatibleDC

Exports

Exports

RgdufSxveqroQkapeh
CrswsGkm
XeXnomatzQcrfuoGdkbq
SwyfMpn
StzqxXyezOgusrQb

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

barg
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c928449b1a8f1b52d68991771002cf6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

tapi32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

barg Size: 512B - Virtual size: 277B

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 107KB - Virtual size: 106KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

barg
Size: 512B - Virtual size: 277B

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 107KB - Virtual size: 106KB

.reloc
Size: 512B - Virtual size: 62B