Static task
static1
Behavioral task
behavioral1
Sample
3a7f2a304f2f15bf6c777537c52613fb_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3a7f2a304f2f15bf6c777537c52613fb_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
3a7f2a304f2f15bf6c777537c52613fb_JaffaCakes118
Size
371KB
MD5
3a7f2a304f2f15bf6c777537c52613fb
SHA1
cd0b4d032a5b850ec81a70dd1631ab0e65e55ee0
SHA256
33348a33f1a0f14fd1bedcc9c3993a5a2203369167af74e8ee9e18d9230831a9
SHA512
7b162a83a645e6b8760c3b33e2e551c2bf734feaac7e68781730e6674390f739870470f9f83a8fc233ae9052187c785c7fd4c1850f86eb8c8439df742707c7b4
SSDEEP
6144:oYWbymje2TH6WqLZlrC8LQfMPX1caYUqn6emU8oa8eFrjQW37uUF5pQ1k:crNGLxLQfyX1ca+6jU8oahFJ6ly
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a7f2a304f2f15bf6c777537c52613fb_JaffaCakes118
Files
3a7f2a304f2f15bf6c777537c52613fb_JaffaCakes118.exe windows:4 windows x86 arch:x86
352b6fb457cb4eda9ceccb96eae8c1ed
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CreateWindowExA
GetSysColor
BringWindowToTop
GetWindowThreadProcessId
GetClientRect
DeferWindowPos
GetWindowPlacement
FindWindowA
DialogBoxParamA
GetDlgItemTextA
CreateDialogParamA
EnumWindows
gdi32
Chord
GetBitmapDimensionEx
DeleteDC
DeleteMetaFile
CreateDiscardableBitmap
CopyMetaFileW
DrawEscape
ChoosePixelFormat
CreateCompatibleDC
CombineRgn
kernel32
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetStartupInfoA
VirtualProtectEx
GlobalUnlock
GetStringTypeA
GetProcAddress
CopyFileA
VirtualAllocEx
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
TlsAlloc
GetModuleHandleA
GetStringTypeW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
secur32
ApplyControlToken
VerifySignature
DeleteSecurityContext
DecryptMessage
MakeSignature
CompleteAuthToken
netapi32
NetUserDel
Netbios
NetFileEnum
NetAuditRead
NetFileGetInfo
NetErrorLogRead
NetGetAnyDCName
Sections
.text Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ciicq Size: 332KB - Virtual size: 331KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ