5f2b03034bbbd4265afcf33865719837_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f2b03034bbbd4265afcf33865719837_JaffaCakes118
Size

39KB
MD5

5f2b03034bbbd4265afcf33865719837
SHA1

e118e4f97859b352bccb2e2c859f9641ffda3627
SHA256

42df7c798fd175321ee80c12416753ce2a182c6653f85c0682f48a7639e3cfaa
SHA512

5886e49c67c4871aeb94bd8f60879405b98f8b8c20466f80ff64b3b26ce84dc5cda131f8694a63123914b5310da6cd56ffb11c48fa583a7a2f1cfef8abd6e957
SSDEEP

768:trlUH6ATmEyofMxSV+Rsh9LYkKjligxQuJbuzhpor:LxATmE5fxV+R5k8igxQcbOhc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f2b03034bbbd4265afcf33865719837_JaffaCakes118

Files

5f2b03034bbbd4265afcf33865719837_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd1adff92b26480e1370a18e15d1feb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt40

__p__commode
_exit
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
_adjust_fdiv
__setusermatherr
__getmainargs
_initterm
__p__acmdln
exit
_XcptFilter
atol

kernel32

GlobalAlloc
GlobalFree
GetCommandLineA
lstrcatA
GetWindowsDirectoryA
GetSystemDirectoryA
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcmpiA
GetStartupInfoA
Sleep
GetVersion
GetVersionExA
lstrlenA
SetErrorMode

advapi32

RegCloseKey
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegQueryValueExA

user32

IsWindowEnabled
GetClientRect
BeginPaint
SetWindowPos
SetWindowLongA
wsprintfA
EndDialog
SendDlgItemMessageA
EnableWindow
GetDlgItem
DialogBoxParamA
SetDlgItemTextA
GetSysColor
EndPaint
DefWindowProcA
GetWindowRect
ScreenToClient
GetParent
SendMessageA
LoadIconA
LoadStringA
IsWindow
GetWindowLongA

gdi32

CreatePen
MoveToEx
SelectObject
LineTo
DeleteObject

comctl32

CreatePropertySheetPageA
PropertySheetA
ord17

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.murkry
Size: 1024B - Virtual size: 932B

Sharing

General

Malware Config

Signatures

Files

fd1adff92b26480e1370a18e15d1feb6

Headers

File Characteristics

Imports

msvcrt40

kernel32

advapi32

user32

gdi32

comctl32

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 512B - Virtual size: 124B

.data Size: 3KB - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 2KB

.murkry Size: 1024B - Virtual size: 932B

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 512B - Virtual size: 124B

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 2KB

.murkry
Size: 1024B - Virtual size: 932B