5b13391a2b2d6087b38a7279ed0d0810_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b13391a2b2d6087b38a7279ed0d0810_JaffaCakes118
Size

48KB
MD5

5b13391a2b2d6087b38a7279ed0d0810
SHA1

a373a0fe8928bfeca690c4783965528fb89f35e6
SHA256

c9eb41300d2d9efcf48c710ba6a796758016da6aae2130e0e197125361c161c6
SHA512

83f27d64cb487087f82a2a56d0363b51917bba7d1af269f59c0ad89b8d476204bc3b051271142ffdfe4abe04458ebdab8409ef97fa081f4f32c239a2c01851a4
SSDEEP

768:A6AcBHYsWsEk3BUVumvBZM9+3gZu+/+LUBsDnETTVBNg0uMPZYscRr2q3HK:mwHY632dBZM9+GWUMn0hB0bRrH3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b13391a2b2d6087b38a7279ed0d0810_JaffaCakes118

Files

5b13391a2b2d6087b38a7279ed0d0810_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c993c0b06bf8c868d4c7bf8fedda6d53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

atl

AtlMarshalPtrInProc

ntdll

NtAddAtom

advpack

RegInstall

kernel32

GetWindowsDirectoryA
CloseHandle
DisableThreadLibraryCalls
lstrcatA
LocalAlloc
HeapAlloc
FreeLibrary
HeapSize
GetModuleFileNameA
LocalFree
VirtualAlloc
DeleteCriticalSection
GetProcessHeap
InitializeCriticalSection
InterlockedIncrement
CreateFileA
LoadLibraryA
lstrcpyA
CreateEventA
InterlockedDecrement
SetEvent
GetSystemDirectoryA
GetDiskFreeSpaceA
CreateThread
GetModuleHandleA
GetTickCount
lstrcmpA
HeapFree
HeapReAlloc
lstrcmpiA
lstrcpynA
lstrlenA

gdi32

SetTextColor
GetObjectA
BitBlt
CreateFontIndirectA
SetWindowOrgEx
SetViewportOrgEx
GetDeviceCaps
GetTextMetricsA
SelectObject
DeleteObject
SetGraphicsMode
ModifyWorldTransform
ExtTextOutA
CreateSolidBrush
SaveDC
RestoreDC
DPtoLP
SetBkColor
CreateCompatibleDC
DeleteDC

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegDeleteKeyA
RegEnumValueA
RegSetValueExA

user32

SetDlgItemTextA
GetWindowLongA
wsprintfA
EnableWindow
PeekMessageA
InvalidateRect
SendDlgItemMessageA
CharUpperA
SetWindowTextA
LoadBitmapA
ReleaseDC
DrawTextA
IsDlgButtonChecked
SendMessageA
CreateDialogParamA
EndDialog
TranslateMessage
SetWindowLongA
GetSysColor
GetDlgItem
DispatchMessageA
MessageBoxA
IsWindow
ShowWindow
GetClientRect
SetWindowPos
GetWindowTextA
DialogBoxParamA
DestroyWindow
MsgWaitForMultipleObjects
GetWindowRect
GetDC
DestroyIcon
LoadImageA
CharPrevA
LoadStringA
IsDialogMessageA
CheckDlgButton

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c993c0b06bf8c868d4c7bf8fedda6d53

Headers

File Characteristics

Imports

ole32

atl

ntdll

advpack

kernel32

gdi32

version

advapi32

user32

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 428B

.idata Size: 46KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 46KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B