45f386eb632835e5e6aaad1361abe509_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45f386eb632835e5e6aaad1361abe509_JaffaCakes118
Size

175KB
MD5

45f386eb632835e5e6aaad1361abe509
SHA1

f7412190cdfa8d0dad63a0c503b18c6fcdf11d11
SHA256

25b7890f4a8b016310174b1d6b3d653d72a4c401c5bfe2a97d0dd7762fbf940f
SHA512

b37015216edc42bc838d5518cc76fd5f329a135fa53c48f6839b7fbbecc19046aa46ae200d4c0a83dd74f790ccb383e4e3fe08065f1ea3830b9d3b4646f6eefc
SSDEEP

3072:odDK/mIkD+PrK+zUpWRIOa0EEdloRvvuHaBP5WUkUOKOOwJF6jN1ebvyQsdUPPG:odDMmIkD+PrtN/dl0nuHk5WUXOKy6jjP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45f386eb632835e5e6aaad1361abe509_JaffaCakes118

Files

45f386eb632835e5e6aaad1361abe509_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bd773f9dabf0cd9db4e7dcee753457d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA

ws2_32

closesocket

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
??3@YAXPAX@Z
exit
_XcptFilter
_exit
free
_except_handler3
rand
strlen
atoi
memcpy
memset
strtok
strcpy
??2@YAPAXI@Z
strcmp
getenv
strcat

kernel32

GetStartupInfoA
VerLanguageNameA
WriteConsoleA
lstrcmpiA
GetCurrentProcess
GetModuleHandleA
ReadProcessMemory
Sleep
GetModuleFileNameW
lstrlenW
WriteProcessMemory
GetCommandLineA
OutputDebugStringA
LoadLibraryA
GetProcAddress
lstrcpyA
CreateMutexA
GetLastError
lstrcmpA
lstrcatA
CreateThread
WaitForSingleObject
ExitProcess
lstrlenA
GetModuleFileNameA

user32

InsertMenuA
CreateWindowExA
GetSubMenu
GetWindowRect
TrackPopupMenu
CallWindowProcA
GetWindowLongA
GetSysColor
SetFocus
GetMessageA
EnableMenuItem
DialogBoxParamA
MessageBoxW
MessageBoxA

gdi32

GetFontData
TextOutA
RealizePalette
DeleteObject

comdlg32

GetSaveFileNameA

shell32

ShellExecuteA
SHGetFileInfoA
ShellExecuteExA

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 46KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3bd773f9dabf0cd9db4e7dcee753457d

Headers

File Characteristics

Imports

version

ws2_32

msvcrt

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 46KB - Virtual size: 50KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 46KB - Virtual size: 50KB

.rsrc
Size: 108KB - Virtual size: 108KB