bade530a26d084041be35aeb57564323_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bade530a26d084041be35aeb57564323_JaffaCakes118
Size

150KB
MD5

bade530a26d084041be35aeb57564323
SHA1

b56370ebb24f44054058114250448a81f0bc9c00
SHA256

50bf99b5db77e2bd2dd13d786077d9fc0ffc10001aba0b8afa5f09720102860f
SHA512

cacfa46139b3ab71701ef7b5d4c86de433e34b0b72abd94f264f905c96fd664ac502d3b3984818f187f033b40d9e798aad22b8582a91f706e92680bd3edf8ef0
SSDEEP

3072:GaCKvQYHUeH/fAlNS4zZrQCkvBxEoWp5ytoZyw:BpHUeHoS4NoZXa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bade530a26d084041be35aeb57564323_JaffaCakes118

Files

bade530a26d084041be35aeb57564323_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62ca22c1c1704eea2ba322d020ed51c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageTime
DialogBoxParamA
MsgWaitForMultipleObjects
CharNextW
SetWindowsHookExW
FindWindowW
SetWindowLongW
GetMenuState
DestroyIcon
GetWindowThreadProcessId
SetParent
LoadMenuW
GetWindowTextLengthW
PeekMessageW
PostThreadMessageW
RegisterClassW
LoadIconW
GetMenuItemCount
DispatchMessageA
IsDialogMessageA
ReleaseCapture
CheckMenuItem
BringWindowToTop
SetRect

kernel32

GetTempFileNameA
SetFilePointer
GetPrivateProfileStringW
SetEndOfFile
OpenEventW
LeaveCriticalSection
CreateDirectoryW
WideCharToMultiByte
LocalFileTimeToFileTime
LockResource
SetStdHandle
GetStartupInfoA
FlushFileBuffers
UnmapViewOfFile
ExpandEnvironmentStringsW
FindFirstFileW
FormatMessageA
ExpandEnvironmentStringsA
lstrlenA
VirtualAlloc
WaitForMultipleObjects
GetStringTypeA
GetFullPathNameA
lstrcmpiW
CreateFileMappingA
LoadLibraryA
GlobalLock
GetTimeFormatW
WriteConsoleA
InterlockedExchange
GetFileTime
ExitProcess
RaiseException
EnterCriticalSection
GlobalSize

msvcrt

qsort
__getmainargs
exit
fflush
__p__commode
__p__fmode
_initterm
__set_app_type
_XcptFilter
_stricmp

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62ca22c1c1704eea2ba322d020ed51c8

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msvcrt

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 512B - Virtual size: 512B

.data Size: 32KB - Virtual size: 247KB

.rsrc Size: 53KB - Virtual size: 53KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 512B - Virtual size: 512B

.data
Size: 32KB - Virtual size: 247KB

.rsrc
Size: 53KB - Virtual size: 53KB

.reloc
Size: 1024B - Virtual size: 1024B