6342a70536df3b6e77843898e0514ce3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6342a70536df3b6e77843898e0514ce3_JaffaCakes118
Size

460KB
MD5

6342a70536df3b6e77843898e0514ce3
SHA1

9e456cf63326b92164bb42a774a3e9ccf08b2e60
SHA256

b217e27e1efd8656f916a260a8206d0de7555f5eef22c9d38db8e767a8935f55
SHA512

50ea12d1633f6b27eb07569decd047864181dd5429e1c4c8e4f4d44d1ad3b94dd7f10d1d2b3ee17cf2f9870c5338c1d7bc020f530f9945efeaff9e1e410e1cc1
SSDEEP

3072:q1yXX33agohzMjInnVd6bbKslOwp78Kum5UPFpKxy+UWx0xM3Fy256VeZ9e/PKzM:HXatzMjK76b78KWL66VW9eazm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6342a70536df3b6e77843898e0514ce3_JaffaCakes118

Files

6342a70536df3b6e77843898e0514ce3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a25931a3efd52d3e525ea2f7595b6982

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
CreateProcessA
CreateFileA
CloseHandle
LoadResource
SetErrorMode
FindResourceA
lstrcpyA
GlobalAlloc
GlobalFree
GetLastError
lstrlenA
GetModuleFileNameA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
lstrcpynA
SetHandleCount
lstrcatA
GetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
LockResource
GetFileType
GetCommandLineA
GetModuleHandleA
lstrcmpA

user32

DialogBoxParamA
ShowWindow
SetForegroundWindow
GetLastActivePopup
FindWindowA
LoadStringA
CharNextA
DefDlgProcA
UpdateWindow
InvalidateRgn
DefWindowProcA
EndPaint
GetDlgCtrlID
GetSysColor
GetClientRect
BeginPaint
DrawTextA
SetWindowLongA
GetDlgItem
MessageBoxA
GetWindowRect
GetSystemMetrics
SetWindowPos
LoadIconA
LoadCursorA
RegisterClassA
EndDialog
SetWindowTextA
CheckDlgButton
GetDC
InvalidateRect
ReleaseDC
GetWindowLongA
GetAsyncKeyState
GetParent
PostMessageA
CallWindowProcA

gdi32

CreateFontA
SetBkColor
DeleteDC
TextOutA
CreateDIBSection
SelectObject
GetDeviceCaps
GetTextExtentPoint32A
SetBkMode
CreatePen
SetTextColor
DeleteObject
StretchDIBits
CreateSolidBrush
CreateCompatibleDC
BitBlt
SelectPalette
CreatePalette
GetStockObject
RealizePalette

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lhoyusp
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a25931a3efd52d3e525ea2f7595b6982

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 416KB - Virtual size: 416KB

lhoyusp Size: - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 416KB - Virtual size: 416KB

lhoyusp
Size: - Virtual size: 4KB