774f73dc27539c400d2a0ed520847dd8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

774f73dc27539c400d2a0ed520847dd8_JaffaCakes118
Size

136KB
MD5

774f73dc27539c400d2a0ed520847dd8
SHA1

9d596999d5c672dca08ffc12b8c59c7735922ce3
SHA256

f5f17525d5d37cc8992dad87de8ae198aa53730c539084352d4bb089b9a55e69
SHA512

54022c94e0d2dfe014f70cfea76863b6f5dbbb6e7df369373cdb4934d3d46ddd9a882fcd03a05b0f284eff5159835bf049fcefa5fc1452d2fb996796a5a899a2
SSDEEP

3072:iUZ712TUnbkUVMG3q4xdjFs+5b2GEfJgzTFSE:iUZ72UdUutFHsfJgzT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
774f73dc27539c400d2a0ed520847dd8_JaffaCakes118

Files

774f73dc27539c400d2a0ed520847dd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2adc65ae22f9e807953f9a37b059a361

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyA

ole32

CoUninitialize
OleRun
CLSIDFromString
StringFromIID

kernel32

GetCPInfo
CreateFileA
GetProcessHeap
DeleteCriticalSection
VirtualAlloc
LocalAlloc
SetThreadLocale
SetEndOfFile
ExitThread
GetCurrentThread
DeleteFileA
WriteFile
GetModuleFileNameA
LoadLibraryA
VirtualFree
lstrcmpA
ExitProcess
HeapFree
VirtualAllocEx
VirtualQuery
GetTickCount
SetEvent

user32

GetClassInfoA
IsIconic
GetPropA
FrameRect
GetDesktopWindow
GetForegroundWindow
GetKeyNameTextA
GetCursorPos
GetCapture
ActivateKeyboardLayout
PtInRect
GetScrollRange
SetPropA
EnableMenuItem
MsgWaitForMultipleObjects
IsRectEmpty
IsMenu
SetRect
PostQuitMessage
DrawIcon
GetMenu
FillRect
SetClassLongA
IsWindowEnabled
GetFocus
CallNextHookEx
GetWindowTextLengthA
MapWindowPoints
GetParent
DestroyMenu
SendMessageA
OpenIcon
wsprintfA
CharNextW
GetLastActivePopup
IsChild
GetDCEx
GetClassLongA
IsDialogMessageW
GetWindowRect
CharLowerBuffA
IsDlgButtonChecked
CheckMenuItem
GetWindowLongA
GetCursor
UnregisterClassA
GetClipboardData
DrawMenuBar
InvalidateRect
SystemParametersInfoA
TrackPopupMenu
UnhookWindowsHookEx
CallWindowProcA
MapVirtualKeyA
MoveWindow
EqualRect
SetTimer
CharNextA
IsZoomed
EnumWindows
SetMenu
FindWindowA
SetParent
GetWindowThreadProcessId

Exports

Exports

2Icjm37FWTGFB@12
_b58TsfdIlEl
kMYfxIVgt9zux@4
5rNBkCw
_Muev0
VWjJnN@16
_yM6YsO9UXxe5
r29Qpf9bill
_Hs9__Zr@12
_BXX4TG64tIE0Y@20
_yJnIJ8xtBeE@24
nGRTCEzMwq@12

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.acdata
Size: 512B - Virtual size: 210B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2adc65ae22f9e807953f9a37b059a361

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 10KB - Virtual size: 101KB

.data Size: 102KB - Virtual size: 102KB

.edata Size: 1024B - Virtual size: 532B

.acdata Size: 512B - Virtual size: 210B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 10KB - Virtual size: 101KB

.data
Size: 102KB - Virtual size: 102KB

.edata
Size: 1024B - Virtual size: 532B

.acdata
Size: 512B - Virtual size: 210B

.rsrc
Size: 8KB - Virtual size: 8KB