75069e8fa7825465ca98783c4d3ac76a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75069e8fa7825465ca98783c4d3ac76a_JaffaCakes118
Size

29KB
MD5

75069e8fa7825465ca98783c4d3ac76a
SHA1

15f3593a2ca35bd5a809c3974f1d23a4688c5526
SHA256

40bbedebe30d8b81920bd7e01d7165cf381eeab271b1d55bad5e9c06933b3c50
SHA512

9f0dfbd0ab229d7c63931d48e9a7c67a2d7593e1457ef8203b9e8723e3042c56689cb94301630ab5127fc6f2dcc9ba481de1c8af46719b0ae1f60a6da00eef15
SSDEEP

384:1NgTEjJKPfZmSm+9FJfw2Rk5n5s1xeUwQWe5tTTZGrFOLGb17KP2iG2F:1N4EtSZmSm+/Jn2n4xeswFOLq502i/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75069e8fa7825465ca98783c4d3ac76a_JaffaCakes118

Files

75069e8fa7825465ca98783c4d3ac76a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d0213d14d4c33a32eae6e7a12265c8fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateAcceleratorA
ValidateRect
SetDlgItemInt
GetKeyboardType
ReleaseCapture
DispatchMessageW
DestroyWindow
GetFocus
LoadImageW
RedrawWindow
ShowWindow
SetDlgItemTextW
EndPaint
TranslateMessage
BeginPaint
PostMessageA
GetWindowTextLengthW
IsWindowVisible
GetSysColor
GetIconInfo
GetCapture
GetMessageW

gdi32

EndPath
CreateSolidBrush
DrawEscape
GetDIBits
GetObjectA
GetRgnBox
SetBkColor
UpdateColors
CreateBrushIndirect
ExtTextOutA
DeleteDC
SelectPalette
CreatePen

comdlg32

ChooseFontW
ChooseColorW
CommDlgExtendedError

wininet

InternetConnectA
GetUrlCacheEntryInfoA
InternetReadFile

kernel32

HeapAlloc
TlsFree
HeapFree
FindAtomW
GetThreadLocale
TlsGetValue
GetProcessVersion
GetVersionExW
WaitForSingleObject
GetTickCount
MoveFileW
GetACP
HeapValidate
LoadLibraryA
GetCommandLineA
GetThreadContext
SystemTimeToFileTime
SizeofResource
GetOverlappedResult
InterlockedExchange
DosDateTimeToFileTime
lstrcatA
GetAtomNameW
TlsAlloc
InitAtomTable
lstrcpyA
AddAtomW
MoveFileA
TlsSetValue
WaitForDebugEvent
OpenEventA
GetFileAttributesExA
FreeResource
GetModuleHandleA
DuplicateHandle

imagehlp

ImageDirectoryEntryToData

msvcrt

_vsnprintf
fgetwc
rand
vfprintf
memset
strcoll

Exports

Exports

YTAPmelbrcek@8
_InsertDataThread@8
MtjJkoqdbtlgsuj@16
SxyLefWwnhatogf@8
_KillDataThreads@12

Sections

.code
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 137B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0213d14d4c33a32eae6e7a12265c8fe

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comdlg32

wininet

kernel32

imagehlp

msvcrt

Exports

Exports

Sections

.code Size: - Virtual size: 31KB

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 137B

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 1024B - Virtual size: 528B

.code
Size: - Virtual size: 31KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 137B

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 1024B - Virtual size: 528B