a29e81e1c16ba047d2d34312d06cf230_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a29e81e1c16ba047d2d34312d06cf230_JaffaCakes118
Size

42KB
MD5

a29e81e1c16ba047d2d34312d06cf230
SHA1

dee5528542ed164e3d1ebb33461435933e6d606c
SHA256

927eb29a1315169856858eaf6284ae44b4a132478c064a602ca26b38b486db9e
SHA512

601f0d86d1c6a4ad66943a5b9b016b138e3a15ebec612f1e9cc54c5c8134535d67c4b1e5ffd512b9e2d5e3c071eb013981532b9bcfa508499ee18501293e1393
SSDEEP

768:KwDEq1r1DytZ7kHoyGk8Q0H+3SrWJYYaY:+Ur0tqoAt2rWJYYf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a29e81e1c16ba047d2d34312d06cf230_JaffaCakes118

Files

a29e81e1c16ba047d2d34312d06cf230_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ea61d783200d4f9ab6274843ee99690

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcmpiA
lstrcpyA
CompareStringA
IsDBCSLeadByte
MulDiv
lstrcmpA
LeaveCriticalSection
GetCurrentProcess
GetFileAttributesW
LockResource
LoadResource
SizeofResource
FindResourceA
GetVersionExA
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
FreeLibrary
OutputDebugStringA
DebugBreak
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
CreateToolhelp32Snapshot
Process32First
OpenProcess
FindClose
Process32Next
WaitForMultipleObjects
ExpandEnvironmentStringsW
FindFirstFileW
FindNextFileW
FlushInstructionCache

user32

GetWindowRect
SystemParametersInfoA
MapWindowPoints
SetWindowPos
GetWindow
PostQuitMessage
EnableWindow
GetSystemMetrics
LoadImageA
IsDialogMessageA
MessageBoxA
PostMessageA
wvsprintfA
CharNextA
GetDlgItem
IsCharAlphaNumericA
wsprintfA
CreateWindowExA
CallWindowProcA
IsWindowEnabled
GetSysColor
FillRect
ReleaseDC
GetDC
GetClientRect
DrawTextA
OffsetRect
GetClassNameA
GetWindowLongA
SetWindowLongA
CreateCursor
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetParent
GetCursorPos
ScreenToClient
EndPaint
BeginPaint
SendMessageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
LoadCursorA
SetCursor
IsWindow
DestroyWindow
PtInRect
SetFocus
SetCapture
GetCapture
ReleaseCapture
InvalidateRect
UpdateWindow
DestroyCursor
SetRectEmpty
DefWindowProcA
ShowWindow
SetWindowTextA

gdi32

GetDeviceCaps
SetBkMode
SetTextColor
DeleteDC
SelectObject
GetStockObject
DeleteObject
CreateFontIndirectA
GetObjectA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize

comctl32

InitCommonControlsEx
_TrackMouseEvent

msvcrt

strncpy
fread
_wfopen
fseek
ftell
fclose
malloc
realloc
free
_purecall
??2@YAPAXI@Z
atoi
_ismbcdigit
wcslen
_mbsstr
memcpy
??3@YAXPAX@Z
memmove
_beginthreadex
memset
_mbscmp
wcscpy
wcscat
wcscmp
strlen
_stricmp
strstr
fwrite
_exit
_XcptFilter
exit
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ea61d783200d4f9ab6274843ee99690

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 18KB - Virtual size: 17KB