a44b204d06470f00d36b115f4807553f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a44b204d06470f00d36b115f4807553f_JaffaCakes118
Size

48KB
MD5

a44b204d06470f00d36b115f4807553f
SHA1

967d10da89dc15196a4949f2b0636fc14b17b4d0
SHA256

72c3c4a0e4417f1865688dc92576e6528e00ba508d4c376ecaaa20c4ac9840d6
SHA512

1f6db1b601ad7f3631b35403099b628213b4281353afa94a313ad8944d2c0ca60fb3c7de7fce053dcae1eca529a06b39930ad375e5cb7edc787459c20ca809fb
SSDEEP

768:fsMUMYlTFVO+9PriHt6AyuojFlire7kOY9Y2SXrKo9WJgvS1dVpBT1SnwJ:fsgYlTFVO+xSt65uXr4wY2OmhmS1jT12

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a44b204d06470f00d36b115f4807553f_JaffaCakes118

Files

a44b204d06470f00d36b115f4807553f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c25a25a66dd2c5959c650e1a62af465

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError

user32

ClientToScreen
DefDlgProcW
GetFocus
IntersectRect
SendMessageW
GetWindowTextW
MessageBoxA
GetSysColor
InvalidateRect
CharPrevW
GetWindowTextLengthW
ExcludeUpdateRgn
GetClientRect
HideCaret
GetPropW
IsIconic
InflateRect
GetWindowDC
IsWindowUnicode
GetWindow
SetPropW
DrawTextW
GetParent
GetClassInfoW
DrawFocusRect
SetWindowLongW
GetWindowLongW
ScreenToClient
BeginPaint
GetClassNameW
ReleaseDC
UnhookWindowsHookEx
IsWindowEnabled
EndPaint
SetWindowLongA
GetDC
RemovePropW
ValidateRect
CallWindowProcW
GetWindowRect
CharNextW
MapWindowPoints
ShowCaret
OffsetRect
SetWindowsHookExW
CallNextHookEx
GetSystemMetrics
DefWindowProcW

kernel32

LeaveCriticalSection
GetModuleFileNameW
GetModuleHandleA
GlobalDeleteAtom
lstrcmpiW
VirtualAlloc
GetProfileStringW
GetWindowsDirectoryW
lstrlenW
GetCurrentThreadId
EnterCriticalSection
LoadResource
InitializeCriticalSection
FindResourceW
GlobalFree
GetVersion
GlobalAddAtomW
GetSystemDirectoryW
GlobalAlloc
SizeofResource
lstrcmpW
GetEnvironmentVariableW

gdi32

PatBlt
CreateDIBitmap
GetDeviceCaps
GetTextExtentPointW
SetBkColor
DeleteObject
ExtTextOutW
IntersectClipRect
DeleteDC
BitBlt
CreateSolidBrush
SetBkMode
SelectObject
CreateCompatibleDC
SetTextColor

adsldpc

ADsFreeColumn

ntdll

NtFindAtom

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c25a25a66dd2c5959c650e1a62af465

Headers

File Characteristics

Imports

ws2_32

user32

kernel32

gdi32

adsldpc

ntdll

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 444B

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.idata Size: 45KB - Virtual size: 45KB

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 444B

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B

.idata
Size: 45KB - Virtual size: 45KB