843ed026ae5079e98135abf28c59c8ff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

843ed026ae5079e98135abf28c59c8ff_JaffaCakes118
Size

82KB
MD5

843ed026ae5079e98135abf28c59c8ff
SHA1

490fe1d1621596ddfb0699876ff6010c2ce0fd79
SHA256

533842b65dbf053a4402cd2efbe79dda45274f36ad36137b5c6f286b58d9c5cb
SHA512

70580e6f5bc2ca416310d7eb2923299cd9d6f8edb926c8696aa73aa8195b06f9469921db7de4215530091edd328a49f6e3531c56e1f80e05185a5170c56b0a76
SSDEEP

1536:RJ1C+Bc7LAEo/koZ+2TfTQjt47tomYuadHt6zPBx0sZXKA:RJ1F+LzocofbsIYQPH0sdK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
843ed026ae5079e98135abf28c59c8ff_JaffaCakes118

Files

843ed026ae5079e98135abf28c59c8ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bc3cf72f8da710708e2f08446426028f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateSolidBrush
SetBkColor
CreateCompatibleDC
GetTextMetricsA
SetTextColor
ModifyWorldTransform
SetWindowOrgEx
DeleteDC
SaveDC
RestoreDC
SelectObject
ExtTextOutA
DPtoLP
SetGraphicsMode
GetObjectA
SetViewportOrgEx
DeleteObject
BitBlt
CreateFontIndirectA
GetDeviceCaps

advapi32

RegQueryValueExA
RegDeleteKeyA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

advpack

RegInstall

user32

CharUpperA
EnableWindow
IsDlgButtonChecked
LoadImageA
LoadStringA
SetDlgItemTextA
DialogBoxParamA
MessageBoxA
DestroyWindow
GetDC
ShowWindow
ReleaseDC
DestroyIcon
PeekMessageA
CreateDialogParamA
IsWindow
SetWindowPos
wsprintfA
GetDlgItem
CharPrevA
DispatchMessageA
TranslateMessage
DrawTextA
GetWindowRect
InvalidateRect
EndDialog
SetWindowLongA
MsgWaitForMultipleObjects
CheckDlgButton
GetWindowLongA
GetSysColor
SendDlgItemMessageA
GetClientRect
SendMessageA
SetWindowTextA
GetWindowTextA
LoadBitmapA
IsDialogMessageA

kernel32

lstrcatA
LoadLibraryA
GetDiskFreeSpaceA
lstrcmpA
GetModuleFileNameA
CreateThread
GetProcessHeap
LocalFree
GetModuleHandleA
HeapSize
InterlockedDecrement
GetSystemDirectoryA
InterlockedIncrement
SetEvent
FreeLibrary
lstrcpyA
InitializeCriticalSection
VirtualAlloc
HeapAlloc
CreateFileA
HeapFree
lstrcmpiA
DeleteCriticalSection
lstrlenA
GetProcAddress
CloseHandle
GetWindowsDirectoryA
CreateEventA
LocalAlloc
HeapReAlloc
GetTickCount
lstrcpynA

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

atl

AtlMarshalPtrInProc

ntdll

NtAddAtom

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc3cf72f8da710708e2f08446426028f

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

advapi32

advpack

user32

kernel32

ole32

version

atl

ntdll

Sections

.textbss Size: - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 428B

.idata Size: 79KB - Virtual size: 79KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 816B

.textbss
Size: - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 79KB - Virtual size: 79KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 816B