617d2a531fc0c17477b7991e0612f3ff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

617d2a531fc0c17477b7991e0612f3ff_JaffaCakes118
Size

291KB
MD5

617d2a531fc0c17477b7991e0612f3ff
SHA1

13bbca3b2b356992e2fb64d4bffef6051c12d418
SHA256

99058f95fe761851ea35816e638a7b481a759c92506a3b375a24b66bc713b041
SHA512

ee491b4089de2db671c121f13ab2a6d994149a3ab3156e107f23842c39c2bbd13ecebb17bba7f42092832ab58f877168f145bf85de359637c97ab7de4a79523f
SSDEEP

6144:qlTRPmXn7bVYJtBRw5UsBoy8kpdYPNkx8FdU85H0K:j7b6tBABojKybUg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
617d2a531fc0c17477b7991e0612f3ff_JaffaCakes118

Files

617d2a531fc0c17477b7991e0612f3ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c67af99be95adde12518a58898605b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
GetOEMCP
HeapReAlloc
IsValidCodePage
lstrcmpW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetModuleHandleA
GetStartupInfoW
HeapFree
OutputDebugStringA
SetLastError
GetLastError
GetProcessHeap
HeapAlloc
TerminateProcess
lstrlenW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetCommandLineA
VirtualFree
VirtualProtect
GetCPInfoExW
VirtualAlloc
GetStartupInfoA

user32

SetFocus
BeginPaint
GetClientRect
InflateRect
FrameRect
FillRect
EndPaint
GetDC
ScreenToClient
DrawFocusRect
ReleaseDC
SetWindowLongW
GetParent
SendMessageW
GetDlgItemTextW
SetDlgItemInt
LoadBitmapW
IsChild
IsWindowVisible
GetWindowTextW
SetDlgItemTextW
SetWindowTextW
MessageBoxExW
LoadStringW
MessageBoxW
LoadCursorW
RegisterClassW
GetNextDlgTabItem
GetDlgItemInt
CheckRadioButton
ShowWindow
IsWindow
GetDlgCtrlID
IsDlgButtonChecked
EnableWindow
GetSystemMetrics
CheckDlgButton
GetFocus
GetWindowLongW
GetDlgItem
GetWindowRect
GetKeyState
SendDlgItemMessageW
InvalidateRect

gdi32

GetObjectW
CreateSolidBrush
GetNearestColor
DeleteDC
TranslateCharsetInfo
GetTextFaceW
CreateDCW
EnumFontFamiliesExW
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
GetTextMetricsW
SetFontEnumeration
SelectObject
BitBlt
GetStockObject

msvcr71

_controlfp
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
iswdigit
_initterm
free
memmove
memset
_vsnwprintf
memcpy
_except_handler3
_onexit

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c67af99be95adde12518a58898605b4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcr71

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 264KB - Virtual size: 528KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 264KB - Virtual size: 528KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 2KB - Virtual size: 2KB