Static task: static1
Behavioral task: behavioral1
  Sample: 755e077392dea4e8142e7081d110db44_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 755e077392dea4e8142e7081d110db44_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 755e077392dea4e8142e7081d110db44_JaffaCakes118
Size: 369KB
MD5: 755e077392dea4e8142e7081d110db44
SHA1: f270fd67758f173f36495721dab6040722a7dbb1
SHA256: df46bf7dca8c845f3a4e4b1a14c9c1f77a7196fec4f87f6fd70c6f2dfe8240d5
SHA512: ae9dca348da2f9d01fad1226af5e02e27d4eb9295c25c421690a72ae9af1a8fcca39393ee338b085c9d7bb3642042f6fcee15c512fdf9e89066d6fc10ff34772
SSDEEP: 6144:JgwCrHs6exmizWULJut/8EH+RfBc1ZZ6XG1rpBd+mNetnrHnMM8TIWBMBD3:JhCbLiXs/vezvXYp+myn5+IWBM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 755e077392dea4e8142e7081d110db44_JaffaCakes118
Files
755e077392dea4e8142e7081d110db44_JaffaCakes118.exe windows:4 windows x86 arch:x86
3abeb6653fdf9ba329302f8566aa0725
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetClipboardData
ChildWindowFromPointEx
CreateDialogParamA
DialogBoxIndirectParamA
DefDlgProcA
GetDlgItemTextA
SetForegroundWindow
GetLastActivePopup
SetDlgItemTextA
GetDlgCtrlID
MapDialogRect
SetParent
ShowWindow
DestroyWindow
gdi32
AddFontResourceW
BitBlt
ExcludeClipRect
ExtFloodFill
AngleArc
CreateEllipticRgn
CreateFontW
GetBkMode
AddFontResourceA
CombineRgn
kernel32
GetACP
GetOEMCP
LeaveCriticalSection
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetCPInfo
GetStringTypeW
HeapCreate
GetLocaleInfoA
HeapDestroy
GlobalUnlock
PulseEvent
CreateEventA
WideCharToMultiByte
IsBadCodePtr
FoldStringA
LocalReAlloc
GetProcAddress
CloseHandle
VirtualAllocEx
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
GetLastError
TlsGetValue
SetLastError
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TlsAlloc
secur32
AcceptSecurityContext
MakeSignature
CompleteAuthToken
DeleteSecurityContext
ApplyControlToken
EncryptMessage
VerifySignature
DecryptMessage
ExportSecurityContext
FreeCredentialsHandle
netapi32
NetUserChangePassword
NetLocalGroupDelMembers
NetAuditWrite
NetConnectionEnum
NetFileGetInfo
NetConfigSet
NetConfigGet
NetGetJoinInformation
Netbios
NetGroupAddUser
NetGetJoinableOUs
NetAuditRead
NetGetDCName
NetErrorLogRead
NetGetAnyDCName
NetFileClose
NetGroupAdd
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.epzpea Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ