6982e6ac31183b858d69651ddc328b8f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6982e6ac31183b858d69651ddc328b8f_JaffaCakes118
Size

105KB
MD5

6982e6ac31183b858d69651ddc328b8f
SHA1

0f367c641bc41688c931d67f4f25fb16be963aeb
SHA256

368cb6a09616ae18bcc7249d996a879a1ef2b7b61587bc358e1f4fb46d36b0ea
SHA512

bd3b48e0d524355e44fea6e9aa24a0416f9bc300ad6ae77cf9ca8221fd2815ca1164931bbc7e8e308df422463157182cde7ab72a9eefdad101267e466151f4e4
SSDEEP

768:nusgeejOZB6GFgTPFY5unlNn0vdLfBHAkqeXOr8wj0bfIPFd:unC6CgTQ6/cdLf6kqeGjAqFd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6982e6ac31183b858d69651ddc328b8f_JaffaCakes118

Files

6982e6ac31183b858d69651ddc328b8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

288a7ca20e06a3f2e18f9949cd9041f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
lstrlenA
lstrcpynA
GetWindowsDirectoryA
SetErrorMode
FindResourceA
LoadResource
lstrcpyA
lstrcatA
OpenFile
GetSystemDirectoryA
LockResource
GetModuleFileNameA
GetCommandLineA
lstrcmpA
GetVersionExA
GetProcAddress
VirtualAlloc
HeapAlloc
HeapFree
GetStringTypeW
GetStringTypeA
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA

user32

FindWindowA
DefDlgProcA
ShowWindow
DialogBoxParamA
LoadStringA
CharNextA
UpdateWindow
InvalidateRgn
DefWindowProcA
EndPaint
DrawFocusRect
GetFocus
GetDlgCtrlID
GetClientRect
BeginPaint
GetSysColor
SetWindowLongA
GetWindowRect
GetSystemMetrics
GetDC
ReleaseDC
SetWindowPos
LoadIconA
LoadCursorA
RegisterClassA
EndDialog
SetWindowTextA
CheckDlgButton
GetWindowLongA
GetAsyncKeyState
GetParent
PostMessageA
CallWindowProcA
GetDlgItem
GetLastActivePopup
SetForegroundWindow
MessageBoxA

gdi32

TextOutA
GetDeviceCaps
Rectangle
SelectObject
SetTextColor
SetBkColor
CreatePen
CreateSolidBrush
DeleteObject
StretchDIBits
CreateFontA
GetTextExtentPoint32A

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA

Exports

Exports

ButtonProc
CdromMenuDlgProc
ConfirmDlgProc
TStaticControlProc
WndProc

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

288a7ca20e06a3f2e18f9949cd9041f9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 9KB - Virtual size: 11KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 75KB - Virtual size: 98KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 9KB - Virtual size: 11KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 75KB - Virtual size: 98KB