af3d0bf6799c2a0eca2b8ebb3c9d56f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af3d0bf6799c2a0eca2b8ebb3c9d56f1_JaffaCakes118
Size

39KB
MD5

af3d0bf6799c2a0eca2b8ebb3c9d56f1
SHA1

682d1dc1e35a0502d1e5330f00e5f9679eb7067f
SHA256

a70b888f65e4bea49c64a0c321308b1e894f9567a799c740260512cc6949a581
SHA512

b3c6e34d40d4f2593d63ac8c03ff9a81648fce025f408fa79547ed6a9417d73d9b03c8ce825ba024832cd6c45247dc177b305ce3d773a82b1936876f65d2fd59
SSDEEP

768:2loxto6slWA1hIt2kTZLKQf1OuA2RqBDtTOsI1bUU+NBdHpYvtL93Ry:2ldl91h+LKQNRNVn+LdJm93Ry

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/UPSNR_45162395.exe

Files

af3d0bf6799c2a0eca2b8ebb3c9d56f1_JaffaCakes118
.eml
UPSNR_45162395.zip
.zip
UPSNR_45162395.exe
.exe windows:5 windows x86 arch:x86

6922ee02c7068c37ee087c500a7afdbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
HeapAlloc
GetModuleHandleW
DeleteCriticalSection
CreateThread
GetCurrentProcessId
FreeLibrary
HeapAlloc
GetLastError
GetModuleFileNameW
SetLastError
CreateThread
GetProcAddress
GetModuleHandleW
InitializeCriticalSection
InterlockedCompareExchange
GetModuleHandleA
LoadLibraryA
GetModuleFileNameA
GetCurrentThreadId
EnterCriticalSection
CreateEventW
GetTickCount
MultiByteToWideChar
InterlockedDecrement
DisableThreadLibraryCalls
GetProcAddress
GetLastError
lstrcmpiW
InitializeCriticalSection
UnhandledExceptionFilter
LocalFree
InterlockedIncrement
HeapDestroy
GetModuleFileNameA
MultiByteToWideChar
CreateThread
GetModuleFileNameW
GetCurrentProcess
HeapDestroy
LeaveCriticalSection
EnterCriticalSection
GetTickCount
UnhandledExceptionFilter
LoadLibraryW
CloseHandle
MultiByteToWideChar
GetModuleHandleW
GetCurrentProcessId
FreeLibrary
GetProcessHeap
HeapFree
GetModuleHandleW
GetProcAddress
GetTickCount
GetLastError
LocalAlloc
LoadLibraryW
HeapDestroy
Sleep
InterlockedCompareExchange

user32

CreateWindowExW
DispatchMessageW
CreateWindowExW
SendMessageW
SendDlgItemMessageW
SetCursor
MessageBoxW
SetCursor
EnableWindow
GetDesktopWindow
MessageBoxW
SendDlgItemMessageW
GetSystemMetrics
GetClientRect
IsWindow
LoadCursorW
SendMessageW
SendMessageW
GetDlgItem
GetClientRect
SetForegroundWindow
GetClientRect
GetFocus
SetFocus
IsWindow
GetDesktopWindow
SendMessageW
IsDlgButtonChecked
SetForegroundWindow
IsDlgButtonChecked
KillTimer
SetCursor
PostQuitMessage
DestroyWindow
SetWindowTextW
LoadIconW
MessageBoxW
ShowWindow
GetWindowRect
DispatchMessageW
GetSystemMetrics
GetSystemMetrics
LoadIconW
LoadIconW
EndDialog
EndPaint
ShowWindow
SendDlgItemMessageW
SetTimer
wsprintfA
SendMessageW
IsDlgButtonChecked
DefWindowProcW
KillTimer
TranslateMessage
MessageBoxW
PostMessageW
SetDlgItemTextW
GetWindowRect
SetDlgItemTextW

Sections

.text
Size: 33KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
email-plain-1.txt

Sharing

General

Malware Config

Signatures

Files

6922ee02c7068c37ee087c500a7afdbc

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 33KB - Virtual size: 48KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 48KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB