69f811e00d1af50de63cf0a56b2e3084_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

69f811e00d1af50de63cf0a56b2e3084_JaffaCakes118
Size

148KB
MD5

69f811e00d1af50de63cf0a56b2e3084
SHA1

1dda19fef2fb483fe4f243533e2d224a5de9e02a
SHA256

d8885a5dd2c9fad5d555574789a408e44b317f80c5b7bf263d4b48b2f6e7ab3c
SHA512

75eec4e7670d973a2aee1fd7ab28eab779c1b77aa2237903ac345d2af307814db20f18947461a8149d9838ea103cc63f932d44a63c4edba86867027df593c462
SSDEEP

3072:cfbKW9qjmPYkSQtuvWNdxYnLsNisdkeNxJ7KaL0EqzggUmw3E:+bxi3GooNisdjnJ7IE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69f811e00d1af50de63cf0a56b2e3084_JaffaCakes118

Files

69f811e00d1af50de63cf0a56b2e3084_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83f12697b4922b87057a99a4f0658901

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetTickCount
GetStartupInfoA
GetModuleHandleA
CreateThread
Sleep

user32

MsgWaitForMultipleObjects
PostQuitMessage
DestroyWindow
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassExA
MessageBoxA
LoadIconA
LoadCursorA

ole32

CoInitialize

gdi32

GetStockObject

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcrt

memmove
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strcpy
memcpy
memset
??2@YAPAXI@Z
getenv
sprintf
malloc
_stricmp
strcmp
strlen
__CxxFrameHandler
_EH_prolog
_except_handler3

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83f12697b4922b87057a99a4f0658901

Headers

File Characteristics

Imports

kernel32

user32

ole32

gdi32

msvcp60

msvcrt

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 132KB - Virtual size: 131KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 132KB - Virtual size: 131KB