70c65aedfbbc8c92641694a1b5055810_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70c65aedfbbc8c92641694a1b5055810_JaffaCakes118
Size

47KB
MD5

70c65aedfbbc8c92641694a1b5055810
SHA1

e07037bf7d74848bfd72d85e2f758489b9a4ab78
SHA256

9291e213294c3b28203c505b5fba0a018fda6455d7a6d923976b7f87755c5036
SHA512

2d53ac7327820e587bb30512486280426162c360f98c73f6e762a399ed9617d3ceb8093c5d07a16cdc816fd4ba449d24747766fcd67e89f5b57b589e7571c45b
SSDEEP

768:2linUP4NeG+Iar0ka7JRPmc6rtlaN3aPM0vstNKu8InM:weUPqebAlRPL6hoz0vIrnM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70c65aedfbbc8c92641694a1b5055810_JaffaCakes118

Files

70c65aedfbbc8c92641694a1b5055810_JaffaCakes118
.exe windows:4 windows x86 arch:x86

021bba18280ffd031e5e67e868623220

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA

advapi32

RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyA

user32

PostQuitMessage
GetDlgItemTextA
CharNextA
GetDlgItem
EndDialog
GetParent
DestroyWindow
DialogBoxParamA
SendDlgItemMessageA
SetDlgItemTextA
MessageBoxA
LoadIconA
RegisterClassA
LoadStringA
CreateWindowExA
CreateDialogParamA
SetFocus
GetMessageA
TranslateMessage
IsDialogMessageA
DefWindowProcA
DispatchMessageA

msjet35

ord185

kernel32

IsDBCSLeadByte
GetCurrentDirectoryA
GetLastError
SetFilePointer
GetFullPathNameA
FlushFileBuffers
HeapFree
WriteFile
HeapCreate
GetStdHandle
GetFileType
SetHandleCount
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
RtlUnwind
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CloseHandle
OpenFile
GetTempFileNameA
GetVersionExA
GetProcAddress
LoadLibraryA
FreeLibrary
SetStdHandle
GetFileAttributesA
GetModuleHandleA
MoveFileA
GetStartupInfoA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
HeapAlloc
ExitProcess
GetCommandLineA
GetVersion
GetCPInfo

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 213B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

021bba18280ffd031e5e67e868623220

Headers

File Characteristics

Imports

comdlg32

advapi32

user32

msjet35

kernel32

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 512B - Virtual size: 213B

.data Size: 4KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 24KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 512B - Virtual size: 213B

.data
Size: 4KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 24KB