3d1aaded6acaadcea5b0733714e5c68f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d1aaded6acaadcea5b0733714e5c68f_JaffaCakes118
Size

24KB
MD5

3d1aaded6acaadcea5b0733714e5c68f
SHA1

e09ef4a5dd455955028bd391598207f9d9c380e3
SHA256

e359e431c471de42cf634966398300ce76be714f6f9f1ed15ca748c4a908856b
SHA512

c0a01f8e416a5640ccc1ac9668b664ffa138a4b8e3e092621670fbf5414ec52d841634963e36d0e1818cb2ef8b1ee91c020c38cd2261120e8fda2b489472ca7c
SSDEEP

384:EBL+cjbZLWA0Hik2De8P270lkJXfzu+AWB2DiVWyRKAiBpt04ns3:Ex+cp6CksLP27ZK4B2DiwCzr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d1aaded6acaadcea5b0733714e5c68f_JaffaCakes118

Files

3d1aaded6acaadcea5b0733714e5c68f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f82ab0c61bbf0dbc3bd32dd77e2d9a20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

atl

AtlMarshalPtrInProc

gdi32

DPtoLP
SelectObject
SetBkColor
DeleteDC
SaveDC
GetObjectA
DeleteObject
GetDeviceCaps
SetWindowOrgEx
CreateCompatibleDC
CreateFontIndirectA
SetViewportOrgEx
SetTextColor
BitBlt
ExtTextOutA
GetTextMetricsA
CreateSolidBrush
ModifyWorldTransform
RestoreDC
SetGraphicsMode

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advpack

RegInstall

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey

user32

InvalidateRect
GetWindowRect
DestroyIcon
SendMessageA
SetDlgItemTextA
IsWindow
CharUpperA
MsgWaitForMultipleObjects
GetWindowTextA
DialogBoxParamA
LoadBitmapA
CreateDialogParamA
IsDialogMessageA
CharPrevA
EndDialog
DestroyWindow
TranslateMessage
GetDC
wsprintfA
DispatchMessageA
DrawTextA
SetWindowPos
SetWindowLongA
EnableWindow
IsDlgButtonChecked
CheckDlgButton
GetClientRect
LoadStringA
SetWindowTextA
GetWindowLongA
LoadImageA
ShowWindow
GetSysColor
GetDlgItem
PeekMessageA
SendDlgItemMessageA
MessageBoxA
ReleaseDC

kernel32

GetDiskFreeSpaceA
CloseHandle
DeleteCriticalSection
SetEvent
LocalAlloc
InitializeCriticalSection
lstrlenA
CreateEventA
GetSystemDirectoryA
lstrcmpA
GetProcessHeap
lstrcpynA
LocalFree
HeapReAlloc
GetModuleFileNameA
GetModuleHandleA
CreateThread
GetTickCount
lstrcmpiA
lstrcatA
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
InterlockedIncrement
HeapFree
lstrcpyA
InterlockedDecrement
DisableThreadLibraryCalls
HeapAlloc
FreeLibrary
VirtualAlloc
HeapSize

ntdll

NtAddAtom

Sections

.textbss
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f82ab0c61bbf0dbc3bd32dd77e2d9a20

Headers

DLL Characteristics

File Characteristics

Imports

ole32

atl

gdi32

version

advpack

advapi32

user32

kernel32

ntdll

Sections

.textbss Size: - Virtual size: 80KB

.text Size: 512B - Virtual size: 428B

.idata Size: 21KB - Virtual size: 21KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 72KB

.textbss
Size: - Virtual size: 80KB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 21KB - Virtual size: 21KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 72KB