698f2f3e3416be8585af1e05d82040e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

698f2f3e3416be8585af1e05d82040e2_JaffaCakes118
Size

48KB
MD5

698f2f3e3416be8585af1e05d82040e2
SHA1

3f6831ba000ef8aad93b85b4129d109e3f1f97ec
SHA256

e86d0762f29a05f25166563048b1093118df9ce89980b0441a127fbebf867600
SHA512

d7fbe4a52c7c37cd46a885f2b419f4a1f793a20185ad85b3b46de02cf8a0d2e72cb6a4409ac87a6cdfb8b1a798e43a9377557e407b49189c0758b5ca0ff3426b
SSDEEP

768:AUvbyUz6ye5v12Wr0II9/FNvKVrdICfYJOWng2c09gXFR+d001mVxnqpjWMFlcvi:AUvbbeyqOquwYpnR9gVRIF/Faxc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
698f2f3e3416be8585af1e05d82040e2_JaffaCakes118

Files

698f2f3e3416be8585af1e05d82040e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

545763e0ff87702736f9de07558e9312

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

gdi32

DeleteDC
SetTextColor
SetWindowOrgEx
GetTextMetricsA
GetObjectA
DeleteObject
ExtTextOutA
CreateCompatibleDC
BitBlt
DPtoLP
SelectObject
ModifyWorldTransform
CreateFontIndirectA
RestoreDC
SetBkColor
CreateSolidBrush
SetViewportOrgEx
GetDeviceCaps
SaveDC
SetGraphicsMode

advpack

RegInstall

ntdll

NtAddAtom

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumValueA
RegCloseKey
RegOpenKeyExA

atl

AtlMarshalPtrInProc

kernel32

GetSystemDirectoryA
InitializeCriticalSection
GetWindowsDirectoryA
GetProcessHeap
lstrcpynA
lstrcmpiA
HeapReAlloc
LocalFree
HeapSize
LocalAlloc
lstrlenA
CreateEventA
DeleteCriticalSection
SetEvent
FreeLibrary
CreateThread
DisableThreadLibraryCalls
lstrcatA
HeapAlloc
GetTickCount
lstrcpyA
InterlockedDecrement
GetProcAddress
GetModuleFileNameA
VirtualAlloc
CloseHandle
CreateFileA
lstrcmpA
LoadLibraryA
InterlockedIncrement
HeapFree
GetModuleHandleA

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

user32

ReleaseDC
GetWindowRect
SendMessageA
LoadImageA
TranslateMessage
LoadBitmapA
CreateDialogParamA
wsprintfA
SendDlgItemMessageA
GetClientRect
CharPrevA
ShowWindow
SetWindowPos
GetDC
IsDlgButtonChecked
SetDlgItemTextA
MsgWaitForMultipleObjects
IsWindow
CharUpperA
EnableWindow
EndDialog
DispatchMessageA
DestroyIcon
LoadStringA
MessageBoxA
PeekMessageA
IsDialogMessageA
InvalidateRect
GetDlgItem
DestroyWindow
SetWindowTextA
GetSysColor
CheckDlgButton
SetWindowLongA
GetWindowTextA
DrawTextA
GetWindowLongA
DialogBoxParamA

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

545763e0ff87702736f9de07558e9312

Headers

File Characteristics

Imports

version

gdi32

advpack

ntdll

advapi32

atl

kernel32

ole32

user32

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 428B

.idata Size: 46KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 46KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B