a68d19236c329e0212776ea3b1db511a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a68d19236c329e0212776ea3b1db511a_JaffaCakes118
Size

56KB
MD5

a68d19236c329e0212776ea3b1db511a
SHA1

eecc6f9bab86374ea158d271f32ce66cc98487bb
SHA256

1c367b32a493b0e35275a0048a7504374475ced5db2a15c827bdd09060881091
SHA512

f67a457bef853690cc2ce639fad1d44759736a213457d5274f6db68fd56e3f7f27cce8b554479e819340bed127a68ea985887f8b70dd99063fb08debacbe29eb
SSDEEP

768:7ugc5R3jKcd5/WkkRc5IQ/Cxy862aoEKL:C3jKcW3EIQ/N86NoF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a68d19236c329e0212776ea3b1db511a_JaffaCakes118

Files

a68d19236c329e0212776ea3b1db511a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7944ea4ac8b247c1b28c6529783c0950

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
MultiByteToWideChar
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
LCMapStringA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
GetLastError
HeapFree
HeapSize
GetCurrentProcess
TerminateProcess
ReadFile
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
WideCharToMultiByte
SetEndOfFile
GlobalAddAtomA
CreateProcessA
CloseHandle
GetModuleFileNameA
GetLocalTime
FreeEnvironmentStringsW
HeapAlloc
HeapReAlloc
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
LCMapStringW

user32

IsWindow
PostMessageA
LoadIconA
GetSystemMetrics
GetWindowDC
ReleaseDC
GetSysColor
FindWindowExA
SendMessageA
IsWindowVisible
AppendMenuA
SetMenuDefaultItem
FindWindowA
DefWindowProcA
UnregisterHotKey
PostQuitMessage
GetCursorPos
SetForegroundWindow
CreatePopupMenu
TrackPopupMenu
DestroyMenu
CreateWindowExA
ShowWindow
UpdateWindow
SetTimer
RegisterHotKey
RegisterClassExA
GetMessageA
DispatchMessageA
TranslateMessage
DestroyWindow

gdi32

GetBkColor
SetTextAlign
SelectObject
GetTextColor
SetTextColor
TextOutA
SetBkColor
DeleteObject
CreateFontA
SetBkMode

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

shell32

Shell_NotifyIconA
ShellExecuteA

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7944ea4ac8b247c1b28c6529783c0950

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 50KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 50KB

.rsrc
Size: 8KB - Virtual size: 5KB