361d846f9130bc11d5bc0c9345c21d7c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

361d846f9130bc11d5bc0c9345c21d7c_JaffaCakes118
Size

280KB
MD5

361d846f9130bc11d5bc0c9345c21d7c
SHA1

5fb9ae046b79ef70ce2cb005314913fc73ac2164
SHA256

2cc06d72a44b0329aa622930edf84c6c786c023312529617ec7d239a776da590
SHA512

c78f537d4d133774970161adfc452e3abe9fe9163140de150a0ccb9b79b73614aa4e2c535c08a0e5a2cf057d48091340e5c24e4310072071f4c87af66dfc54d8
SSDEEP

6144:hFyz0BNFUwP1KdKekakkr6VdYuxeaVRXGZ:hE4TH123vr6VdZFTGZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
361d846f9130bc11d5bc0c9345c21d7c_JaffaCakes118

Files

361d846f9130bc11d5bc0c9345c21d7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37af0e57c1dd55e931528c261850fe7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetPrivateProfileIntA
GetLastError
GetVersionExA
ReleaseMutex
CreateMutexA
CloseHandle
GetPrivateProfileStringA
FreeLibrary
InterlockedExchange
LocalAlloc
GetStartupInfoA
GetModuleHandleA
GetLocalTime
RaiseException

user32

GetDlgItem
wsprintfA
ShowWindow
FindWindowA
IsIconic
IsWindowVisible
SetWindowTextA
LoadIconA
LoadCursorA
PostMessageA
SetForegroundWindow
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
LoadStringA
DefWindowProcA
DestroyWindow
PostQuitMessage
CreateDialogParamA
RegisterWindowMessageA
EnumWindows
GetForegroundWindow
MessageBoxA
GetWindowTextA
wvsprintfA
SendMessageA
RegisterClassA
GetSysColor

gdi32

CreateSolidBrush

shell32

Shell_NotifyIconA

bvrpdiag

ord8
ord6
ord3
ord7

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_strnicmp
atoi
strtok
strrchr
memcpy
strlen
??3@YAXPAX@Z
strcpy

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37af0e57c1dd55e931528c261850fe7f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

bvrpdiag

msvcrt

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 496KB

.rsrc Size: 4KB - Virtual size: 3KB

.text Size: 256KB - Virtual size: 256KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 496KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 256KB - Virtual size: 256KB