a10705424c3d212ef323bd7690188534_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a10705424c3d212ef323bd7690188534_JaffaCakes118
Size

860KB
MD5

a10705424c3d212ef323bd7690188534
SHA1

9118788de43a3e51859eaf5054b298406d1eec94
SHA256

aefdfc51ab389d96b015f4977443c92605244b111dfe0a8e2415096a2e06a903
SHA512

48565e368a418c55f98d74210d2d99c98927de6af409ecd245ff8c5f2ef0b05377a4c4c1b5a7bc82e261c6dbb2d7ec830550cd5b9789f45c02bf4406023bf3c5
SSDEEP

24576:e0NK2c2oJy3QLdMj007My1isVm3qHMDxSBIJaj6nFT:zNXc225Mj0Xy1T96xSBIgj2FT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a10705424c3d212ef323bd7690188534_JaffaCakes118

Files

a10705424c3d212ef323bd7690188534_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4d1004b49193cef154efc0ccfc576d1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
DeleteFileA
GetTempFileNameW
RaiseException
GetCurrentThreadId
SearchPathW
SetLastError
WaitForMultipleObjects
GetSystemDefaultLangID
GetLocaleInfoW
GetProcessHeap
GetStartupInfoA
ExitProcess
RemoveDirectoryA
CreateFileMappingW
GetFileSize
LocalAlloc
DeviceIoControl
VirtualAlloc
IsBadWritePtr
LCMapStringW
UnhandledExceptionFilter
TerminateThread
lstrcmpiA
MoveFileExW
GetFileAttributesW
InitializeCriticalSection
FlushFileBuffers
GetDriveTypeA
OutputDebugStringW
lstrcpynW
lstrcmpW
GetEnvironmentStringsW
FormatMessageA
GetTimeFormatW
ExpandEnvironmentStringsA
GlobalMemoryStatus
CreateFileW
OpenProcess
SetFileAttributesA
SetEndOfFile
LoadLibraryA
SetUnhandledExceptionFilter

user32

IsDialogMessageW
SetWindowRgn
DrawIcon
LoadMenuW
KillTimer
RegisterClipboardFormatW
PostMessageW
SetWindowsHookExA
CheckMenuItem
UnionRect
GetIconInfo
MoveWindow
SetClipboardData
CallNextHookEx
PtInRect
AdjustWindowRectEx
GetSubMenu
CharUpperW
RegisterWindowMessageA
TrackPopupMenu
GetClassNameA
LoadBitmapW
GetMessageW
MapWindowPoints
UpdateWindow
ScreenToClient
GetSystemMetrics
LoadStringA
CharUpperA
GetSystemMenu

msvcrt

iswdigit
_CxxThrowException
_XcptFilter
exit
__p__commode
__set_app_type
strncmp
wcstoul
_exit
atoi
_wtoi
_unlock
wcsrchr
__getmainargs

Sections

.text
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data/0x
Size: 191KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 347KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d1004b49193cef154efc0ccfc576d1c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 318KB - Virtual size: 318KB

.rdata Size: 1024B - Virtual size: 1024B

.data/0x Size: 191KB - Virtual size: 1.9MB

.rsrc Size: 347KB - Virtual size: 347KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 318KB - Virtual size: 318KB

.rdata
Size: 1024B - Virtual size: 1024B

.data/0x
Size: 191KB - Virtual size: 1.9MB

.rsrc
Size: 347KB - Virtual size: 347KB

.reloc
Size: 1KB - Virtual size: 1KB