b697da66422dd09316328f57908d512f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b697da66422dd09316328f57908d512f_JaffaCakes118
Size

58KB
MD5

b697da66422dd09316328f57908d512f
SHA1

da5fd45f08fb5a2f5f93c509a51f563716fc4b26
SHA256

37c7e6c62f6548caa1c4d5ee8ba75d09c3e865370e0d5f765b899aa69d024eb9
SHA512

0354fa82040055419480f6e351c01bc89ddcdfdc9705121ed2f2deef537f69d48835ae91c9bd6df5786f8eb7286da1a1b64625a15af8d1b17ce5252b7d628934
SSDEEP

768:Jhf8s2YJ8w4ekMXu1Jr2ugULiJw1y5YEDl+bIDlVWCm/qu:P8s2Y2FBRMJn5YEDsbIDlHu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b697da66422dd09316328f57908d512f_JaffaCakes118

Files

b697da66422dd09316328f57908d512f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f37eac1b62656f31a6aca0ccea4829a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

_lwrite
GetProcAddress
_lcreat
_lread
_lopen
lstrcmpA
LocalLock
lstrlenA
_llseek
DeleteFileA
LocalReAlloc
CopyFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
SetThreadPriority
GetFileSize
WritePrivateProfileStringA
GetCurrentDirectoryA
GetModuleHandleA
GetCurrentProcess
ExitProcess
LocalUnlock
LocalFree
LoadLibraryA
CreateThread
LocalAlloc
GetTickCount
SetPriorityClass
CloseHandle

main32

RndNum
HexStrToNum
RenameFileA
SetWindowInCenter
IsFileA
DecToStr
GetProcessorSupport
SetMain32Options
HexToStr
SelectColor32

user32

LoadCursorA
LoadBitmapA
IsDlgButtonChecked
GetMessageA
GetKeyState
GetFocus
GetDlgItem
FindWindowA
EndDialog
EnableWindow
DispatchMessageA
DialogBoxParamA
DefWindowProcA
CreateDialogParamA
GetDlgItemTextA
CheckDlgButton
CallWindowProcA
CallNextHookEx
GetWindowTextA
TranslateMessage
SystemParametersInfoA
ShowWindow
LoadIconA
SetWindowsHookExA
SetWindowLongA
SetForegroundWindow
SetFocus
SetDlgItemTextA
SetActiveWindow
SendMessageA
SendDlgItemMessageA
RegisterClassExA
RedrawWindow
PostQuitMessage
SetWindowTextA
MessageBoxA

gdi32

SetTextColor
SetBkColor
DeleteObject
CreateSolidBrush

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

ImageList_Destroy
ImageList_Create
ImageList_AddMasked

Sections

CODE
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f37eac1b62656f31a6aca0ccea4829a5

Headers

File Characteristics

Imports

kernel32

main32

user32

gdi32

comdlg32

comctl32

Sections

CODE Size: 19KB - Virtual size: 20KB

DATA Size: 8KB - Virtual size: 64KB

.idata Size: 2KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.rsrc Size: 25KB - Virtual size: 32KB

CODE
Size: 19KB - Virtual size: 20KB

DATA
Size: 8KB - Virtual size: 64KB

.idata
Size: 2KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 25KB - Virtual size: 32KB