377e6a1600f57a2e19b8dd6f43d8846d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

377e6a1600f57a2e19b8dd6f43d8846d_JaffaCakes118
Size

95KB
MD5

377e6a1600f57a2e19b8dd6f43d8846d
SHA1

c127095aaee927ba9d17cf3a646ab506f9c4ffb4
SHA256

7e66b38ab7c5f3f259d351c2d3c4aad02f96bba951ff2d712f3824c59d7921f2
SHA512

806f7a65b8711f50487d6199fa8e49edf0eb678be149a7ef4817a0cfde68c659b2bd50f00c91b73d486e6463afa426628cbec0e908d08226c78e3d0f0f6dcdb0
SSDEEP

1536:3YlenMwi1j1TETahZq3GJ2Dxwc9+0vJzLARgSDq9fAdwdtI53w48:IHwUTGahIi2DvNvJveW9YEINw48

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
377e6a1600f57a2e19b8dd6f43d8846d_JaffaCakes118

Files

377e6a1600f57a2e19b8dd6f43d8846d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

94d749606cc4edaa79da92a401fb0aa6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
memset

wininet

InternetCloseHandle
InternetOpenA

shell32

ord747

ole32

CoGetClassObject
CoTaskMemFree
CoGetMalloc
CoTaskMemAlloc

msimg32

GradientFill

kernel32

CompareStringA
CloseHandle
WriteProcessMemory
OpenProcess
WriteFile
MoveFileA
CreateMutexA
WaitForMultipleObjects
ReleaseMutex
HeapAlloc
GetProcessHeap
ExitProcess
HeapFree
LoadLibraryA

user32

SetWindowLongA
InvalidateRect
DrawEdge
CreateMenu
GetWindowInfo
LoadBitmapA
GetWindowRect
GetWindowLongA
ShowWindow
PostMessageA
DrawTextA
GetDC
ReleaseDC
GetActiveWindow
DestroyWindow
SetWindowTextA
DrawFrameControl
GetWindow
MoveWindow
GetForegroundWindow
CreateWindowExA
ModifyMenuA

gdi32

ExtFloodFill
DrawEscape
DeleteDC
InvertRgn
CreateFontIndirectA
SelectObject
PolyDraw
BeginPath
ExtCreatePen
GetPath
CreateDIBPatternBrush
CreateCompatibleDC
CreateCompatibleBitmap
ExtCreateRegion
EndPath
PathToRegion
ExtTextOutA
GetBitmapBits
SetBitmapBits
BitBlt
CreateFontIndirectW
CreateBitmap
CreateDCA
DeleteObject

Exports

Exports

_ShowMeSomething@16

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94d749606cc4edaa79da92a401fb0aa6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

wininet

shell32

ole32

msimg32

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.cdata Size: 1024B - Virtual size: 1024B

.rsrc Size: 84KB - Virtual size: 84KB

.reloc Size: 512B - Virtual size: 366B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.cdata
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 84KB - Virtual size: 84KB

.reloc
Size: 512B - Virtual size: 366B