c92022390662f2037c44c606db3d7e5d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c92022390662f2037c44c606db3d7e5d_JaffaCakes118
Size

3.8MB
MD5

c92022390662f2037c44c606db3d7e5d
SHA1

1f26cc5b4b6691e06a77923dbbf20cfe9a751a38
SHA256

bee4a916bb95e8e98593ba5b9ba333310c06310b2a1cc677acf6421e98f3d4f6
SHA512

3bc2c89942ffa43a944d9b81ff9b64d1f7a00b96f3dba540e45ca5af406188ce14a928006b4a8c7cfa9efc05a40f1b45a06561a240fb81761daab8fa2ce939a7
SSDEEP

98304:rq2d+0nsiSgaVKDDYCbZDTrJ9K0uC6rOxo+5mOSTw+V686:+RfZIhTodqC+5cTw+086

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SI959_302.exe

Files

c92022390662f2037c44c606db3d7e5d_JaffaCakes118
.7z
SI959_302.exe
.exe windows:4 windows x86 arch:x86

a1c4a735c43339a0461537d67c662fe8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessagePos
GetDlgItemTextA
GetSubMenu
CreateWindowExA
GetWindowPlacement
CallWindowProcA
PeekMessageA
CharUpperW
WinHelpW
GetWindowLongA
BeginPaint
DrawTextW
DrawFocusRect
KillTimer
SetDlgItemTextW
SetForegroundWindow
SetDlgItemTextA
UpdateWindow
GetDlgItemTextW
IsChild
GetDlgCtrlID
DialogBoxParamA
DispatchMessageW
CheckMenuItem
InflateRect
wsprintfW
GetCapture
GetClientRect
MessageBoxA
SetWindowLongW
IsWindowVisible
CharLowerW

msvcrt

??2@YAPAXI@Z
_local_unwind2
atoi
wcsspn
wcstol
ceil
swscanf
__pioinfo
atol
fwrite
mbstowcs
_acmdln
exit
isalpha
_CIpow
_ultow
strtok
strchr
_ftol
sscanf
_CxxThrowException
fflush
malloc
_purecall
qsort
wcscspn
isxdigit
_snprintf
_write
_initterm
_ltow
isalnum
iswalpha
wcsstr
memmove
wcsncat
_CIacos
_except_handler3
fread
strtoul
wcsncpy
__getmainargs
iswdigit
realloc
_strnicmp
_XcptFilter
??1type_info@@UAE@XZ

kernel32

ReleaseSemaphore
ResumeThread
GetVersion
GetModuleHandleA
GetThreadTimes
MultiByteToWideChar
HeapFree
CompareStringA
GetCurrentThreadId
GetCommandLineW
GetLocaleInfoA
GetFileAttributesW
GetCommandLineA
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsFree
OpenEventW
CreateFileA
ExitProcess
WaitForSingleObject
GetModuleFileNameA
GetFileSize
DeleteFileA
VirtualAlloc
OpenMutexW
GetExitCodeProcess

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1c4a735c43339a0461537d67c662fe8

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

Sections

.text Size: 3KB - Virtual size: 2KB

DATA Size: - Virtual size: 2.9MB

.tls Size: 4.9MB - Virtual size: 4.9MB

.tls Size: - Virtual size: 14KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 3KB - Virtual size: 2KB

DATA
Size: - Virtual size: 2.9MB

.tls
Size: 4.9MB - Virtual size: 4.9MB

.tls
Size: - Virtual size: 14KB

.rsrc
Size: 17KB - Virtual size: 16KB