45d61448e29c3674e30cf63aaade85c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45d61448e29c3674e30cf63aaade85c6_JaffaCakes118
Size

48KB
MD5

45d61448e29c3674e30cf63aaade85c6
SHA1

0ff9ce861a4c5930bd6375a57ba06726ea997643
SHA256

e5c4f0c1875ccc272dc5291c17ffe3149d2558f5e091fd225d240a8a00220eb7
SHA512

ce37fc32295bcbb772a8043bf112d8e6d8f40b590c70fbd31b80fcf6bb9945b8b66b0a3e4a184a0de00b6a7ee8943af8864ce5756c40bc16f150a5f4dfac2b4c
SSDEEP

768:RSLVilc7f02RopmyONLhxPk53WeAvWZ3D1wvPt3SsJq64jOholj:oZi+jBopoN1x8Ss3DIJq9yu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45d61448e29c3674e30cf63aaade85c6_JaffaCakes118

Files

45d61448e29c3674e30cf63aaade85c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa5a1e604ed9546f0850d84ed08ca47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError

adsldpc

ADsFreeColumn

user32

DefWindowProcW
GetPropW
BeginPaint
ReleaseDC
ScreenToClient
GetWindow
IsWindowUnicode
DrawTextW
GetDC
IsWindowEnabled
InvalidateRect
SetWindowLongA
MessageBoxA
GetFocus
CharPrevW
HideCaret
DefDlgProcW
GetClientRect
UnhookWindowsHookEx
ClientToScreen
IntersectRect
GetWindowTextW
GetParent
GetWindowRect
EndPaint
GetWindowTextLengthW
SetWindowLongW
CharNextW
OffsetRect
ValidateRect
CallWindowProcW
CallNextHookEx
GetSysColor
RemovePropW
GetSystemMetrics
MapWindowPoints
InflateRect
ExcludeUpdateRgn
ShowCaret
IsIconic
GetClassNameW
SetWindowsHookExW
DrawFocusRect
GetWindowDC
SetPropW
GetClassInfoW
GetWindowLongW
SendMessageW

ntdll

NtFindAtom

gdi32

GetDeviceCaps
CreateDIBitmap
CreateCompatibleDC
PatBlt
GetTextExtentPointW
ExtTextOutW
SetBkMode
DeleteDC
SetTextColor
DeleteObject
SetBkColor
BitBlt
CreateSolidBrush
IntersectClipRect
SelectObject

kernel32

GlobalAddAtomW
GetSystemDirectoryW
GetCurrentThreadId
GlobalDeleteAtom
GlobalAlloc
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
FindResourceW
GetModuleHandleA
GetProcAddress
GetVersion
lstrlenW
lstrcmpiW
GetEnvironmentVariableW
LoadResource
lstrcmpW
InitializeCriticalSection
GlobalFree
VirtualAlloc
GetWindowsDirectoryW
SizeofResource

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

baa5a1e604ed9546f0850d84ed08ca47

Headers

File Characteristics

Imports

ws2_32

adsldpc

user32

ntdll

gdi32

kernel32

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 444B

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.idata Size: 45KB - Virtual size: 45KB

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 444B

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B

.idata
Size: 45KB - Virtual size: 45KB