733053d2d309da99595e5eb0ed075b57_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

733053d2d309da99595e5eb0ed075b57_JaffaCakes118
Size

15KB
MD5

733053d2d309da99595e5eb0ed075b57
SHA1

2c7536084e9d78f020235f6e33056590451a07f3
SHA256

9816d91998b9f9e76a3d95de9e49d9502ea71e5da37cebc84fc53b669b44311d
SHA512

fda6fdb9600f34c8e4da29ddc9f643fda97431abcdc6b45d9270af441bc6417af573aec99e768f6cceccb687dc0b30a8f213f087b8abe9df3bb00ae619c7fa91
SSDEEP

384:z8mOT0nOhlTGkPOsYMLsKDQpYHOoyA/j:wmOT02lTGBwsKDQZBA7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
733053d2d309da99595e5eb0ed075b57_JaffaCakes118

Files

733053d2d309da99595e5eb0ed075b57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

297681465b67fcfe45f6a338aced26d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
FindClose
CreateFileMappingA
UnhandledExceptionFilter
GetCurrentThreadId
ReadFile
lstrlenA
GetEnvironmentStrings
GetACP
FindFirstFileW
InterlockedDecrement
FindResourceA
VirtualProtect
WriteFile
GetSystemTime
SetStdHandle
GetCommandLineA
CloseHandle
GetVolumeInformationW
IsProcessorFeaturePresent
GetFileSize
GetModuleFileNameA
InitializeCriticalSection
DisableThreadLibraryCalls
GetSystemDirectoryW
GetTempFileNameW
LocalFree
SetUnhandledExceptionFilter
GetLastError
GetTickCount
lstrcmpiW
CopyFileA
GetOEMCP
SizeofResource
GetSystemDefaultLangID
GlobalLock
GetCurrentProcessId
VirtualQuery
DeleteFileW
UnmapViewOfFile
HeapSize
TlsGetValue
SetCurrentDirectoryA
CreateThread
DebugBreak
GetTempPathW
GetWindowsDirectoryA
QueryPerformanceCounter
GetStartupInfoA
SetHandleCount
TerminateProcess
TlsSetValue
GetVersion
GlobalMemoryStatus
LeaveCriticalSection
GetFileType
WideCharToMultiByte
InterlockedExchange
CreateProcessA
HeapFree
VirtualFree
GetEnvironmentStringsW
GlobalUnlock
HeapDestroy
GetProcAddress
CreateFileA
GetProcessHeap
EnterCriticalSection
SetEnvironmentVariableA
GetVersionExW
GetModuleHandleA
VirtualAlloc
LoadLibraryA
FreeLibrary
MapViewOfFile
GetCommandLineW
lstrcmpiA

user32

DefWindowProcW
UpdateWindow
GetWindowPlacement
IsWindowEnabled
CallNextHookEx
RedrawWindow
IntersectRect
wsprintfA
CreateWindowExW
MessageBoxA
SetWindowLongW
IsDlgButtonChecked
SetScrollInfo
GetMessagePos
GetScrollPos
SystemParametersInfoA
ShowWindow
SetRect
DrawTextA
UnregisterClassW
GetDlgItem
CharNextW
InvalidateRect
RegisterWindowMessageW
EnableWindow
IsWindow
GetMenu
GetMenuItemCount
GetForegroundWindow
SendMessageW
TranslateMessage

gdi32

SetBkColor
SelectObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

297681465b67fcfe45f6a338aced26d0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 7KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 5.0MB

.reloc Size: 512B - Virtual size: 76B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 7KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 5.0MB

.reloc
Size: 512B - Virtual size: 76B

.rsrc
Size: 2KB - Virtual size: 2KB