c8861d7e8284a56ed7709338be4218b5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c8861d7e8284a56ed7709338be4218b5_JaffaCakes118
Size

268KB
MD5

c8861d7e8284a56ed7709338be4218b5
SHA1

6f68dc12b2d2d9b1c3ba4b58ab334f91805b59a2
SHA256

f961799804002725c964059a702910f4199195e2e40e1a0e903c86a8e3c05990
SHA512

59d60aac7eb225cb4ea59c8568acb50aca306b159059f5513eccfca8648177fce3409b6874f49be2178cae55bf4726416a778a413fffe4425e19533d03718735
SSDEEP

3072:QVchMGFrNopAn5Fq2NuUOyY2jVEm4WnP9sOFxXtq86PQQDDHD2d7de/oXte8aHQj:ycp4pAn5FVTY4amxiUq8+FvHiRWoXt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8861d7e8284a56ed7709338be4218b5_JaffaCakes118

Files

c8861d7e8284a56ed7709338be4218b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5c94a55931f9cb9f339f1ba35266814

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
WideCharToMultiByte
CreateThread
LoadResource
FreeResource
SuspendThread
GetProcAddress
SetFilePointer
SizeofResource
FindNextChangeNotification
FindFirstChangeNotificationW
GlobalDeleteAtom
GlobalLock
InterlockedDecrement
FindResourceExW
MultiByteToWideChar
FreeLibrary
DuplicateHandle
GlobalAddAtomW
lstrcpyW
GetPrivateProfileStringW
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
ReadProcessMemory
GetCurrentProcess
CreateEventW
GetFileAttributesW
InterlockedIncrement
FindFirstFileW
SetEndOfFile
GetSystemTime
WriteFile
TerminateThread
QueryDosDeviceW
GetModuleHandleW
SetCurrentDirectoryW
WritePrivateProfileStringW
VirtualAlloc
Sleep
MulDiv
SetWaitableTimer
GlobalAlloc
CreateFileW
GetCurrentProcessId
GetFileAttributesExW
GetModuleFileNameW
GetLastError
GetCurrentThreadId

user32

DialogBoxParamW
GetWindowRect
SetCursorPos
CreateWindowExW
InvalidateRect
SetDlgItemTextW
GetKeyState
GetSysColor
TrackPopupMenu
SendDlgItemMessageW
VkKeyScanW
UpdateWindow
ReleaseDC
PostMessageW
LoadStringW
RegisterWindowMessageW
GetWindowDC
DrawTextW
DefWindowProcW
GetDlgItem
AppendMenuW
TranslateMessage
LoadBitmapW
SetCursor
FillRect
ReleaseCapture
SendMessageW
SetWindowTextW
IsDlgButtonChecked
GetClassNameW

gdi32

SetDIBits
CreatePen
GetMapMode
GetDeviceCaps
SelectObject
DPtoLP
DeleteObject
LineTo
CreateDCW
MoveToEx
CreateBitmap
CreateSolidBrush
CreateRoundRectRgn
DeleteDC
Rectangle
GetStockObject
CreateFontIndirectW

advapi32

RegOpenKeyExW
GetUserNameW
RegDeleteValueW
RegCloseKey
LookupAccountSidW
RegQueryValueExW

shell32

SHChangeNotify

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 240KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5c94a55931f9cb9f339f1ba35266814

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

Sections

.text Size: 240KB - Virtual size: 238KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 240KB - Virtual size: 238KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 17KB