Static task: static1
Behavioral task: behavioral1
Sample: c779de34341460a67c5aae67a5f4d6ec_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: c779de34341460a67c5aae67a5f4d6ec_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c779de34341460a67c5aae67a5f4d6ec_JaffaCakes118
Size: 180KB
MD5: c779de34341460a67c5aae67a5f4d6ec
SHA1: dbff12560e9a6cb508f9d9c321fca81dc6162161
SHA256: b83a61459a99969957953a60f41a0377d6c84ac4de8df93debadac48f19fb131
SHA512: 25bc5b6ba1924333f6adfb4af2aa2a9c0d09b1c8373e55c13cafc6fcc3881e3be522fa5c9edb61253a7c5097b10d4396292ba00453eaec5436f2f61903f87cfd
SSDEEP: 3072:tUcx9E+BFqk6JX+1PGBLbnSsA896boVW0Nx2IIeLwHd1CkxxB1a:acx9E+Fqk6WPGdBQk80Nv3cux
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: c779de34341460a67c5aae67a5f4d6ec_JaffaCakes118
Files
c779de34341460a67c5aae67a5f4d6ec_JaffaCakes118.exe windows:4 windows x86 arch:x86
ca2a7ba1e05628a65fc991340c698ebb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
msimg32
AlphaBlend
TransparentBlt
user32
GetDC
GetDlgItemTextA
IsWindow
SetWindowLongA
GetDlgItem
UnregisterClassA
SetDlgItemTextA
IsDialogMessageA
IsDlgButtonChecked
DestroyWindow
ReleaseDC
WinHelpA
MoveWindow
EnableWindow
CheckDlgButton
SendMessageA
ShowWindow
GetDialogBaseUnits
CreateDialogParamA
CharNextA
kernel32
GetProcAddress
FreeLibrary
VirtualQuery
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
SetHandleInformation
GetStartupInfoA
lstrcatA
GetVersionExA
UnhandledExceptionFilter
lstrcpyA
IsBadCodePtr
VirtualProtect
GetModuleFileNameA
LeaveCriticalSection
TerminateProcess
CloseHandle
DeleteCriticalSection
TransmitCommChar
GetACP
SetFilePointer
TlsFree
FindResourceA
InterlockedIncrement
GetStringTypeW
RtlUnwind
GetCommandLineA
RaiseException
GetEnvironmentStrings
GetProcessHeap
FlushFileBuffers
VirtualAlloc
HeapCreate
LockResource
lstrcpynA
InitializeCriticalSection
TlsGetValue
TlsAlloc
DisableThreadLibraryCalls
InterlockedExchange
lstrlenA
FlushInstructionCache
FreeEnvironmentStringsA
GetLastError
EnumResourceNamesW
SetHandleCount
VirtualFree
InterlockedDecrement
GetFileType
HeapDestroy
TlsSetValue
GetTickCount
QueryPerformanceCounter
LCMapStringA
WriteFile
GetStringTypeA
EnterCriticalSection
GetThreadLocale
GetCurrentProcess
FreeEnvironmentStringsW
SizeofResource
GetSystemTimeAsFileTime
LoadResource
IsBadWritePtr
GetCurrentThreadId
ExitProcess
HeapAlloc
SetUnhandledExceptionFilter
lstrlenW
lstrcmpiA
SetStdHandle
GetCurrentProcessId
IsDBCSLeadByte
LCMapStringW
MultiByteToWideChar
GetStdHandle
GetSystemInfo
SetLastError
HeapReAlloc
MulDiv
LoadLibraryExA
WideCharToMultiByte
GetModuleHandleA
HeapSize
ExitProcess
LoadLibraryA
GetLocaleInfoA
IsBadReadPtr
HeapFree
shlwapi
PathFindExtensionA
advapi32
RegCloseKey
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
gdi32
SelectObject
GetTextExtentPointA
DeleteObject
GetDeviceCaps
GetTextMetricsA
CreateFontIndirectA
Sections
.text Size: 131KB - Virtual size: 130KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ