4780b77c2c10961572941052b4846f4d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4780b77c2c10961572941052b4846f4d_JaffaCakes118
Size

40KB
MD5

4780b77c2c10961572941052b4846f4d
SHA1

4fd1cc456eafa8b873931f155a106c443cd08fe3
SHA256

407a4636fc33a7f025dd7c0ad7cd2bd65710ac3be2f442a6b07b0e81c91e3236
SHA512

0914b8a96291fcc3633a79715e482ea21eb69dfa150fdfe8625f8ab8028232f6eb7d41ec62d8cf76de84fec6f5a8534894efbd18b7053f1d0f05fa190ab90c40
SSDEEP

768:UAOQnn+KbZ263TmZRK+jkAJslQNikdxg:UAOQnn263TmW6kbOd6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4780b77c2c10961572941052b4846f4d_JaffaCakes118

Files

4780b77c2c10961572941052b4846f4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fbf557385ed19f21682bc4e6900ae47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerFindFileA

kernel32

GlobalAlloc
LocalAlloc
lstrlenA
GetWindowsDirectoryA
_lclose
_lopen
GetPrivateProfileStringA
ResumeThread
SetPriorityClass
GetCurrentProcess
SetThreadPriority
GlobalUnlock
LocalFree
CloseHandle
WriteFile
GetShortPathNameA
CreateFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
_hread
_lread
_llseek
GetModuleFileNameA
GlobalLock
GlobalFree
HeapReAlloc
CreateProcessA
GetCurrentThread
CompareStringW
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetProcAddress
VirtualAlloc
HeapAlloc
HeapFree
GetTimeZoneInformation
LCMapStringW
LCMapStringA
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetFileType
SetHandleCount
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
CompareStringA
GetACP
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RemoveDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileA
ExitProcess
DeleteFileA
FindFirstFileA
GetLastError
TerminateProcess

user32

DdeDisconnect
wsprintfA
DdeFreeStringHandle
DdeClientTransaction
LoadIconA
LoadCursorA
RegisterClassA
CreateDialogParamA
IsDialogMessageA
TranslateMessage
DdeInitializeA
DdeUninitialize
FindWindowA
CreateWindowExA
BringWindowToTop
ShowWindow
UpdateWindow
DestroyWindow
DispatchMessageA
GetMessageA
GetClientRect
BeginPaint
FillRect
EndPaint
DefWindowProcA
PostQuitMessage
IsIconic
GetWindowTextA
GetDlgItemTextA
SetWindowTextA
SetDlgItemTextA
GetWindowRect
SetWindowPos
GetDlgItem
EnableWindow
IsDlgButtonChecked
DdeCreateStringHandleA
DdeConnect
LoadStringA
MessageBoxA
GetSystemMetrics
GetLastActivePopup

gdi32

SetBkColor
DeleteObject
SelectObject
CreateSolidBrush
GetStockObject

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fbf557385ed19f21682bc4e6900ae47

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 7KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB