b9f1ddeb926dad342c2bdb1f31111799_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b9f1ddeb926dad342c2bdb1f31111799_JaffaCakes118
Size

160KB
MD5

b9f1ddeb926dad342c2bdb1f31111799
SHA1

0105cde76c0dc9e6b1db652cb9b7b25a1ed56235
SHA256

8ddb6c3e8a21ef2e0dda0d47776c0d5c358198976236cfd31af2933cc56a9f70
SHA512

83e7fef8d7df81edea911eab9eeb3870feaf09c6aa5a3836527fa712b4943d9a70e2f6e4dbe6da7226f68213c585ffb8acff98340c4ee1b9844ae20fcfe1d623
SSDEEP

3072:XHPvcNOyaJXG8i8MysaXCd+eELP+Gnz+7harnj3LQ51pZlcmBWIB+Zen:Xv49aJXiHydsre2GnzsarbLS/zcA+Ze

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9f1ddeb926dad342c2bdb1f31111799_JaffaCakes118

Files

b9f1ddeb926dad342c2bdb1f31111799_JaffaCakes118
.exe windows:25419 windows x86 arch:x86

efdc40f4287af211bb01a19e48a5260c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
LoadStringA
LoadMenuW
KillTimer
InvalidateRect
LoadCursorW
CreateDialogParamW
DestroyWindow
SetTimer
GetDlgItemTextW
EnableMenuItem
MoveWindow
PtInRect
CharNextW
GetDlgItem
EnableMenuItem
IsDialogMessageW
SendDlgItemMessageW
SetTimer
SetWindowPos
SetCapture
GetMenu
DefWindowProcW
EnableMenuItem
GetWindowLongW
SetDlgItemTextW
LoadStringW
ReleaseDC
GetMessageW
GetDlgItemTextW
GetSystemMenu
GetDlgItem
OffsetRect

gdi32

CreateCompatibleDC
StretchBlt
GetTextMetricsW
GetDeviceCaps
SetBkColor
GetTextMetricsW
GetTextExtentPoint32W
CreateCompatibleDC
DeleteObject
LineTo
StretchBlt
SetBkMode
SetBkColor
SetBkMode
CreateSolidBrush
GetTextExtentPoint32W
MoveToEx
GetDeviceCaps
CreateCompatibleDC
DeleteObject
CreateBitmap
BitBlt
SetBkColor
GetStockObject
CreateSolidBrush
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleBitmap
GetObjectW
GetObjectW
GetTextExtentPoint32W
GetTextMetricsW

kernel32

lstrlenW
SetFilePointer
HeapFree
LeaveCriticalSection
GetModuleHandleW
DeleteCriticalSection
MultiByteToWideChar
GetModuleHandleA
GetModuleHandleW
TerminateProcess
ReadFile
lstrlenW
VirtualAlloc
CloseHandle
LocalFree
SetEvent
GetProcAddress
GetCurrentThreadId
FormatMessageW
GetProcessHeap
LoadLibraryA
TerminateProcess
GetModuleFileNameA
HeapAlloc
ExitProcess
GetACP
SetEvent
GetProcessHeap
DeleteCriticalSection
HeapAlloc
GetProcessHeap
GetLastError
LoadLibraryExA
VirtualFree
lstrlenW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efdc40f4287af211bb01a19e48a5260c

Headers

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 136KB - Virtual size: 136KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 136KB - Virtual size: 136KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB