c1d4d77fccb13b70ea40f129ded3b2f3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c1d4d77fccb13b70ea40f129ded3b2f3_JaffaCakes118
Size

48KB
MD5

c1d4d77fccb13b70ea40f129ded3b2f3
SHA1

03e87e43d801e54416fbfd3ae0d28afd12a496c0
SHA256

aba9d01e163a11ec4d4afb5c7d6ca33c0b8d6ba103300b592741967865fe7d1d
SHA512

6d40e93567f59c89e0dc2a31b81e4a752a5350a9690fa28fd10ad0dfbc73c75d92b57c88bf9aa71552fa6d77ba0797f94f8a7bbbe40ebdfcbe3ce94dbd1dee95
SSDEEP

1536:qYxcrbxV/lpQ0fWOJwMAOiRhZxvDFUjZwZ:HxcXxdlblJjAndDFU6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1d4d77fccb13b70ea40f129ded3b2f3_JaffaCakes118

Files

c1d4d77fccb13b70ea40f129ded3b2f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0700d9e9de4212821e3e5b5dfe97bcf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
GetDlgItem
SetWindowTextA
EndDialog
SetWindowPos
IsDialogMessageA
MsgWaitForMultipleObjects
MessageBoxA
DestroyWindow
LoadImageA
GetWindowRect
LoadStringA
EnableWindow
GetSysColor
DrawTextA
GetDC
DispatchMessageA
PeekMessageA
DestroyIcon
GetClientRect
CharUpperA
IsWindow
TranslateMessage
CharPrevA
wsprintfA
CreateDialogParamA
IsDlgButtonChecked
SetDlgItemTextA
SetWindowLongA
SendMessageA
LoadBitmapA
DialogBoxParamA
InvalidateRect
CheckDlgButton
GetWindowTextA
ReleaseDC
GetWindowLongA
SendDlgItemMessageA

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA

advpack

RegInstall

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ntdll

NtAddAtom

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

gdi32

CreateFontIndirectA
SelectObject
SetWindowOrgEx
SetViewportOrgEx
CreateCompatibleDC
GetTextMetricsA
GetObjectA
ModifyWorldTransform
DeleteDC
DPtoLP
CreateSolidBrush
GetDeviceCaps
ExtTextOutA
SaveDC
SetBkColor
SetTextColor
DeleteObject
BitBlt
SetGraphicsMode
RestoreDC

atl

AtlMarshalPtrInProc

kernel32

CreateFileA
lstrlenA
SetEvent
VirtualAlloc
GetWindowsDirectoryA
lstrcmpiA
HeapAlloc
CloseHandle
GetProcAddress
GetModuleHandleA
lstrcpynA
lstrcpyA
InterlockedIncrement
HeapFree
HeapSize
LocalAlloc
HeapReAlloc
GetTickCount
CreateEventA
FreeLibrary
GetProcessHeap
GetDiskFreeSpaceA
GetSystemDirectoryA
InitializeCriticalSection
CreateThread
lstrcatA
LoadLibraryA
LocalFree
lstrcmpA
DisableThreadLibraryCalls
InterlockedDecrement
GetModuleFileNameA

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0700d9e9de4212821e3e5b5dfe97bcf3

Headers

File Characteristics

Imports

user32

advapi32

advpack

version

ntdll

ole32

gdi32

atl

kernel32

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 424B

.idata Size: 46KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 424B

.idata
Size: 46KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B