458a74c573f382c5a8f2a7050086424e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

458a74c573f382c5a8f2a7050086424e_JaffaCakes118
Size

655KB
MD5

458a74c573f382c5a8f2a7050086424e
SHA1

089b70eb6f83d2d09708544c77d0aef05f7972f2
SHA256

6e8460da2d55bace70ccd66aa1c9b7da7b3e6dac71479e2e8a1f6423d535160b
SHA512

09d064ccbba005a15286fb6e0d83ce77ae188b6a53d648bf9380458388adaeff5c14af4589e31d156bb6704d9ce048f12f39c3a4ad30c5a9e8cdf95622935a2a
SSDEEP

6144:sbJ4vuHa+LLqM2L5Uy55GTTlKZqKk8/n/Pig9pKl0mnKX60mupFgtNZzVZwSHraD:rgrGLKy55Uonr/KhxJZHrMGj6uBo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
458a74c573f382c5a8f2a7050086424e_JaffaCakes118

Files

458a74c573f382c5a8f2a7050086424e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0f41be3cb937dabff34123390991845

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GlobalAlloc
ExitProcess
GetModuleHandleA
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WinExec
CopyFileA
WriteFile
SetEndOfFile
DeleteFileA
GetVersionExA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
GetModuleFileNameA
GlobalUnlock
GlobalLock
GetCommandLineA
GetStartupInfoA
QueryPerformanceCounter
GlobalFree

user32

ClientToScreen
GetCursorPos
ScreenToClient
FillRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
SetCursor
EndPaint
BeginPaint
DestroyMenu
CheckMenuItem
InvalidateRect
SetWindowLongA
GetMenu
SetMenu
LoadMenuA
GetCapture
DialogBoxParamA
TrackPopupMenu
GetSubMenu
EnableMenuItem
DefWindowProcA
DestroyWindow
PostQuitMessage
LoadStringA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetWindow
GetDesktopWindow
MoveWindow
EndDialog
GetWindowRect
SetWindowPos
GetDC
ReleaseDC
GetWindowLongA
GetClientRect
WindowFromPoint

gdi32

GetTextMetricsA
CreateFontIndirectA
DeleteObject
SelectObject
StretchDIBits
SetDIBitsToDevice
GdiFlush
CreateCompatibleBitmap
DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
BitBlt
RealizePalette
SelectPalette
CreateSolidBrush
GetClipBox
RestoreDC
IntersectClipRect
SaveDC
GetSystemPaletteEntries
ExtTextOutA
CreatePalette
EnumFontFamiliesA
SetBkMode
SetTextColor
SetTextAlign

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegCloseKey

shell32

DragQueryFileA
DragAcceptFiles

winmm

waveOutPrepareHeader
waveOutUnprepareHeader
timeKillEvent
timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps
waveOutWrite
waveOutReset
timeSetEvent
waveOutOpen
waveOutGetDevCapsA
waveOutClose

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pmj
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e0f41be3cb937dabff34123390991845

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

winmm

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 7KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 2KB - Virtual size: 2KB

.pmj Size: - Virtual size: 1B

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 2KB - Virtual size: 2KB

.pmj
Size: - Virtual size: 1B