aee02684a23bdff22805f16ce60c6b3d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aee02684a23bdff22805f16ce60c6b3d_JaffaCakes118
Size

48KB
MD5

aee02684a23bdff22805f16ce60c6b3d
SHA1

757b1534391dc034f3d6eedd8aa4420b2227c947
SHA256

83da99bcb196497b703eb98a0c2a78161439ba0ad536f531ccdf9056203bd8f4
SHA512

98d9a98cc4714b3e997c729616eb4bad643d54d6c86d8c08ab7f0f38925780b7ff6e01163fb446cda23aeb2828d8a740043604be12e7202e480664a877564d7f
SSDEEP

768:mQjBmPHAMTIJsr792rgmT+CBkbHU/4XWfAsaUgVTqjI1is5l:moBmPHplmmLItQJ1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aee02684a23bdff22805f16ce60c6b3d_JaffaCakes118

Files

aee02684a23bdff22805f16ce60c6b3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

025991038d50c4dd82f076257e6d557c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

kernel32

GetModuleFileNameA
GetSystemDirectoryA
HeapSize
FreeLibrary
InterlockedDecrement
lstrcmpA
lstrcatA
DisableThreadLibraryCalls
SetEvent
LocalAlloc
GetDiskFreeSpaceA
lstrcmpiA
CreateFileA
CreateEventA
InterlockedIncrement
HeapAlloc
InitializeCriticalSection
lstrcpyA
GetProcessHeap
HeapReAlloc
DeleteCriticalSection
HeapFree
CloseHandle
CreateThread
VirtualAlloc
LoadLibraryA
GetWindowsDirectoryA
GetModuleHandleA
lstrlenA
GetProcAddress
LocalFree
GetTickCount

advpack

RegInstall

user32

GetClientRect
GetSysColor
CharUpperA
DestroyIcon
TranslateMessage
SetWindowTextA
MsgWaitForMultipleObjects
EndDialog
PeekMessageA
DrawTextA
GetWindowLongA
SetWindowLongA
wsprintfA
IsWindow
GetDlgItem
ShowWindow
ReleaseDC
LoadImageA
CreateDialogParamA
EnableWindow
IsDialogMessageA
DestroyWindow
DispatchMessageA
LoadStringA
InvalidateRect
SetWindowPos
LoadBitmapA
SendDlgItemMessageA
MessageBoxA
IsDlgButtonChecked
CharPrevA
GetDC
GetWindowTextA
SendMessageA
CheckDlgButton
SetDlgItemTextA
DialogBoxParamA
GetWindowRect

atl

AtlMarshalPtrInProc

ntdll

NtAddAtom

advapi32

RegCloseKey
RegQueryValueExA
RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA

gdi32

DeleteObject
CreateSolidBrush
GetDeviceCaps
GetObjectA
BitBlt
RestoreDC
GetTextMetricsA
CreateCompatibleDC
CreateFontIndirectA
SetTextColor
DeleteDC
ExtTextOutA
SelectObject
DPtoLP
SetViewportOrgEx
SetWindowOrgEx
SaveDC
ModifyWorldTransform
SetBkColor
SetGraphicsMode

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

025991038d50c4dd82f076257e6d557c

Headers

File Characteristics

Imports

ole32

kernel32

advpack

user32

atl

ntdll

advapi32

gdi32

version

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 424B

.idata Size: 46KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 424B

.idata
Size: 46KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B