7254b521b5b901de407d8ed98985a26f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7254b521b5b901de407d8ed98985a26f_JaffaCakes118
Size

38KB
MD5

7254b521b5b901de407d8ed98985a26f
SHA1

a6f2cd404413d08bf3fb73113a4b6a8fb95580c3
SHA256

0947f54deb1710d23308eafc41cec6822ef68189560f2a519bbbd8d49b888553
SHA512

015dd059f20f35d0da1b62920f7c8e3987be772ef0479ee2dcb8a8224fd9f448e277d791fcd40b016151913f43046a8951160fb83a55320191ab6a15a02a1eea
SSDEEP

768:d4nM8MM1LWrFmmZSuoHZAPw+3IqSKXFacF3y8ErMt:d4nMwwrFpEmocRSKVacFCc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7254b521b5b901de407d8ed98985a26f_JaffaCakes118

Files

7254b521b5b901de407d8ed98985a26f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5aa85161899baef8751c6c8807e5ad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

atl

AtlMarshalPtrInProc

advpack

RegInstall

advapi32

RegOpenKeyExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumValueA
RegQueryValueExA

user32

MessageBoxA
LoadImageA
GetClientRect
DialogBoxParamA
CreateDialogParamA
SendMessageA
SetWindowPos
MsgWaitForMultipleObjects
TranslateMessage
GetDC
GetWindowTextA
GetDlgItem
GetSysColor
LoadStringA
InvalidateRect
DestroyIcon
SendDlgItemMessageA
CharUpperA
SetWindowLongA
SetDlgItemTextA
ShowWindow
GetWindowRect
IsDialogMessageA
CharPrevA
DrawTextA
SetWindowTextA
PeekMessageA
ReleaseDC
DispatchMessageA
EndDialog
DestroyWindow
EnableWindow
IsDlgButtonChecked
CheckDlgButton
IsWindow
LoadBitmapA
wsprintfA
GetWindowLongA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

lstrcmpiA
GetModuleFileNameA
GetDiskFreeSpaceA
lstrcpyA
HeapSize
GetModuleHandleA
lstrcpynA
GetWindowsDirectoryA
InitializeCriticalSection
DisableThreadLibraryCalls
CloseHandle
FreeLibrary
LoadLibraryA
GetProcessHeap
CreateFileA
CreateEventA
SetEvent
HeapReAlloc
lstrcmpA
GetSystemDirectoryA
GetProcAddress
LocalFree
HeapAlloc
LocalAlloc
InterlockedIncrement
GetTickCount
CreateThread
lstrcatA
DeleteCriticalSection
VirtualAlloc
HeapFree
lstrlenA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

ntdll

NtAddAtom

gdi32

SelectObject
CreateSolidBrush
ModifyWorldTransform
DeleteObject
DeleteDC
GetObjectA
SetViewportOrgEx
GetTextMetricsA
SetBkColor
BitBlt
RestoreDC
SetTextColor
DPtoLP
CreateCompatibleDC
SaveDC
SetWindowOrgEx
GetDeviceCaps
CreateFontIndirectA
SetGraphicsMode
ExtTextOutA

Sections

.textbss
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5aa85161899baef8751c6c8807e5ad1

Headers

File Characteristics

Imports

atl

advpack

advapi32

user32

version

kernel32

ole32

ntdll

gdi32

Sections

.textbss Size: - Virtual size: 256KB

.text Size: 512B - Virtual size: 428B

.idata Size: 35KB - Virtual size: 35KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 72KB

.textbss
Size: - Virtual size: 256KB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 35KB - Virtual size: 35KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 72KB