62a687bbc239b6418a8c59345277b1c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62a687bbc239b6418a8c59345277b1c3_JaffaCakes118
Size

80KB
MD5

62a687bbc239b6418a8c59345277b1c3
SHA1

f409f764732646ccf0b47b854bd065e99dc7523a
SHA256

41460dee775ac05b937261e04c348a08684fd1658a01d7e9a0bd39c6153d35b0
SHA512

aac2f5138da2180f98658274b51f131c26ad30f357b0b5a00557400a8ac0e95c4e05110cf68cb583ded8a8822e501e7e703d2ef184569a301b23bd1e61bb51be
SSDEEP

1536:3CV6LRCQ6TW7rCbS+/Nacpw7OYi82YDr5:3VdN6q/CbFFacpmKud

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62a687bbc239b6418a8c59345277b1c3_JaffaCakes118

Files

62a687bbc239b6418a8c59345277b1c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2ecc1bf0286a3dfe8b35d0b50f9a7c76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetDesktopWindow
OffsetRect
MoveWindow
SetWindowTextA
CheckDlgButton
IsClipboardFormatAvailable
KillTimer
CheckRadioButton
EmptyClipboard
GetDC
SetClipboardData
CloseClipboard
GetDlgItemInt
SetDlgItemInt
GetDlgItemTextA
SetFocus
IsIconic
SetWindowLongA
SetTimer
GetSystemMenu
InvertRect
ReleaseDC
UpdateWindow
SendMessageA
SetCapture
GetWindowLongA
PostQuitMessage
CheckMenuItem
DialogBoxParamA
GetSubMenu
FlashWindow
ReleaseCapture
DefWindowProcA
WinHelpA
CreateWindowExA
DestroyWindow
GetSysColor
LoadStringA
SetClassLongA
ShowWindow
GetMessageA
LoadIconA
RegisterClassA
BeginPaint
TranslateMessage
DispatchMessageA
ScrollWindow
EndPaint
ValidateRect
SetScrollPos
GetWindowRect
SetScrollRange
SetWindowPos
SystemParametersInfoA
GetSystemMetrics
GetDlgItem
LoadCursorA
EndDialog
SendDlgItemMessageA
EnableMenuItem
SetCursor
GetMenu
ModifyMenuA
AppendMenuA
wsprintfA
GetAsyncKeyState
DrawMenuBar
PostMessageA
GetClipboardData
MessageBoxA
OpenClipboard
MessageBeep
GetKeyState
InvalidateRect

comdlg32

ChooseColorA
ChooseFontA
GetOpenFileNameA

wsock32

htons
WSACleanup
WSAStartup
ioctlsocket
gethostbyname
getservbyname
socket
bind
setsockopt
WSAAsyncSelect
send
WSAGetLastError
recv
closesocket
connect

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

kernel32

HeapFree
VirtualFree
HeapCreate
RtlUnwind
GetFileType
GetStdHandle
HeapDestroy
GetOEMCP
GetCPInfo
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetCurrentProcess
GetModuleFileNameA
ExitProcess
GetVersion
TerminateProcess
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
CloseHandle
CreateFileA
GetACP
GetProcAddress
FreeLibrary
LoadLibraryA
LocalReAlloc
WriteFile
SetLastError
GetThreadLocale
lstrcpyA
OutputDebugStringA
lstrlenA
Sleep
lstrcmpiA
GlobalSize
LocalAlloc
lstrcatA
GlobalAlloc
GlobalLock
LocalFree
GetStringTypeW
HeapAlloc
VirtualAlloc
GetLastError
ReadFile
SetFilePointer
SetStdHandle
FlushFileBuffers
GetStringTypeA
GlobalUnlock
GlobalFree

gdi32

PatBlt
CreateFontIndirectA
CreateSolidBrush
DeleteObject
GetTextMetricsA
SelectObject
TextOutA
ExtTextOutA
SetBkColor
SetTextColor
TranslateCharsetInfo

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2ecc1bf0286a3dfe8b35d0b50f9a7c76

Headers

File Characteristics

Imports

user32

comdlg32

wsock32

advapi32

kernel32

gdi32

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 11KB - Virtual size: 24KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 11KB - Virtual size: 24KB

.rsrc
Size: 16KB - Virtual size: 16KB