7044dfae714611211c3ca6c3ce186736_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7044dfae714611211c3ca6c3ce186736_JaffaCakes118
Size

130KB
MD5

7044dfae714611211c3ca6c3ce186736
SHA1

c88862bb0a791b3c9442689edd5aaa51970072e8
SHA256

51334742b93abb2867488ce09c24ad1fee25c88d4a91fc88caf33f8ad13eb19c
SHA512

31276d42fcca31249282b811b9e649b0d19d4d0f38d28677caa6f328ccf0c402a327c33614ac35c3971cb8c3918bfd47222ce97fe05da70599727d751d5c5cbe
SSDEEP

3072:MpYm61alYMbQaaD5d/UMMnMMMMMX7I7Da:CN6Yl1d28MMnMMMMMa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7044dfae714611211c3ca6c3ce186736_JaffaCakes118

Files

7044dfae714611211c3ca6c3ce186736_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6753354ac26e5f13ae01673cd0f15a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

kernel32

CompareFileTime
ExitProcess
GetTickCount
GetCommandLineA
SetUnhandledExceptionFilter
HeapReAlloc
lstrlenA
lstrlenW
UnhandledExceptionFilter
LeaveCriticalSection
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentThreadId
HeapFree
GetProcAddress
EnterCriticalSection
SetProcessWorkingSetSize
FileTimeToSystemTime
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
DeleteCriticalSection
WinExec
VirtualAlloc
GetLastError
HeapAlloc
lstrcmpiA
GetDateFormatA

gdi32

GetTextExtentPointW
GetTextMetricsA
GetTextMetricsW
SelectObject
GetTextExtentPointA
DeleteObject

wintrust

WintrustRemoveActionID
WTHelperGetProvCertFromChain
WintrustAddActionID
WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperCertIsSelfSigned

user32

GetDlgItemTextA
SendMessageA
EnableWindow
LoadStringA
DialogBoxIndirectParamW
CreateWindowExW
DialogBoxIndirectParamA
GetParent
GetWindowLongA
LoadImageA
WinHelpA
GetDC
SendMessageW
SetCursor
LoadBitmapA
DialogBoxParamW
CallMsgFilterA
GetDlgItem
SetWindowLongA
GetSysColor
DialogBoxParamA
MessageBeep
SendDlgItemMessageA
GetWindowRect
ReleaseDC
LoadCursorA
SetFocus
SetDlgItemTextA
ShowWindow

shlwapi

StrCatBuffA
StrCatBuffW
wnsprintfA
StrCpyNW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6753354ac26e5f13ae01673cd0f15a2

Headers

File Characteristics

Imports

shell32

kernel32

gdi32

wintrust

user32

shlwapi

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 15KB - Virtual size: 328KB

.rdata Size: 56KB - Virtual size: 55KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 24B

.rsrc Size: 52KB - Virtual size: 124KB

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 15KB - Virtual size: 328KB

.rdata
Size: 56KB - Virtual size: 55KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 24B

.rsrc
Size: 52KB - Virtual size: 124KB