747a20365a39b1b517d16a02f83cd4cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

747a20365a39b1b517d16a02f83cd4cb_JaffaCakes118
Size

68KB
MD5

747a20365a39b1b517d16a02f83cd4cb
SHA1

5b5de656faeaff979b5c296f7d59a7121564e18a
SHA256

d0a4c6e06a443e88051b2584273e38eb7ebb47c0247c9bb50a3fbebebdf6bf75
SHA512

8f12f7303aa2a0dd1dbb96a4312e54e938564a0b6d30ebddca5944c4c7c02ee3a41ce10e470d993ca58caf3923cc914e3058e03f69b3e787e3e01d5c6238d8fd
SSDEEP

768:98Biz/6zUR8+CmDljSAg6iIaz3F3XR4ZjcDcfsON+0zQdm7e:9d5nljZij53HDc1+0zQdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
747a20365a39b1b517d16a02f83cd4cb_JaffaCakes118

Files

747a20365a39b1b517d16a02f83cd4cb_JaffaCakes118
.exe windows:1 windows x86 arch:x86

b4c6eb9e8b11ece4e14966f7b994f888

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetProfileIntA
GetLastError
LoadLibraryA
FreeLibrary
lstrcmpA
GlobalSize
GetVersion
GlobalAlloc
GlobalFree
GlobalFlags
GlobalLock
GlobalUnlock
lstrcatA
ReadFile
DeleteFileA
MultiByteToWideChar
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
GetCPInfo
GetOEMCP
GetACP
GetModuleFileNameA
UnhandledExceptionFilter
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
SetEndOfFile
SetStdHandle
GetStdHandle
ExitProcess
LeaveCriticalSection
EnterCriticalSection
GetWindowsDirectoryA
GetCommandLineA
CloseHandle
Sleep
LockFile
UnlockFile
GetFileType
CreateFileA
GetEnvironmentStrings
InitializeCriticalSection
SetFilePointer
WriteFile
RtlUnwind
GetModuleHandleA
GetStartupInfoA

user32

PeekMessageA
DdeQueryConvInfo
DdeConnect
DdeClientTransaction
DdeUninitialize
DdeInitializeA
DdeGetLastError
DdeFreeStringHandle
DdeCreateStringHandleA
wsprintfA
DdeCreateDataHandle
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetSystemMenu
ChangeMenuA
ShowWindow
PostQuitMessage
DefWindowProcA
RegisterWindowMessageA
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA
DdeNameService
DdeDisconnect
DdeGetData
DdePostAdvise
DdeCmpStringHandles
MessageBoxA

gdi32

GetStockObject

Exports

Exports

C_DdeCliCallBack
C_DdeSerCallBack
TwunkWndProc

Sections

��t
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4c6eb9e8b11ece4e14966f7b994f888

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

����t Size: 41KB - Virtual size: 41KB

.bss Size: - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 1024B

.data Size: 17KB - Virtual size: 17KB

.idata Size: 2KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 130B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 23KB

��t
Size: 41KB - Virtual size: 41KB

.bss
Size: - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 1024B

.data
Size: 17KB - Virtual size: 17KB

.idata
Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 130B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 23KB