d7245d3a9a104e9ae8c2cb82f8415fc7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d7245d3a9a104e9ae8c2cb82f8415fc7_JaffaCakes118
Size

228KB
MD5

d7245d3a9a104e9ae8c2cb82f8415fc7
SHA1

7016c5deff69ec470b824eb87a3b50be385eb4f7
SHA256

454e7ef58478a3a8ffa7f9bf1c3ddd2527f9c1627a190d986bd8811b97c38a4d
SHA512

a5fe21ee96d9c617d90901e25f7929390ce69515b7cbd922f7063dd017e08995cd26fe310adb97ec23c428ee2e78f4103313b4074ce9aa2743bbbc412e29d12b
SSDEEP

3072:IY7i9P50fylwpHzAFE4nga4YKO1fUMqKXkbbd4b:TGONzAZga4nx4a6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7245d3a9a104e9ae8c2cb82f8415fc7_JaffaCakes118

Files

d7245d3a9a104e9ae8c2cb82f8415fc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c8e74c36a4aa9bd440d0b8534281594

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Dodo\Pictures\111\drawwindow_src\Release\DrawWindow.pdb

Imports

kernel32

LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsBadCodePtr
IsBadReadPtr
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
VirtualQuery
MultiByteToWideChar
InitializeCriticalSection
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualAlloc
GetProcAddress
LoadLibraryW
InterlockedExchange
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
RtlUnwind
RaiseException
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError

user32

MoveWindow
SystemParametersInfoA
SetWindowRgn
InvalidateRect
TrackPopupMenu
GetSystemMenu
PtInRect
GetClientRect
ReleaseDC
DrawTextA
GetWindowTextA
DrawIconEx
SendMessageA
GetSystemMetrics
OffsetRect
GetWindowRect
SetWindowPos
LoadBitmapA
SetRect
SetWindowLongA
GetWindowLongA
GetWindowDC
EndDialog
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
DestroyWindow
DialogBoxParamA
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
MessageBoxA
LoadStringA

gdi32

SetStretchBltMode
StretchBlt
SetBkColor
CreateBitmap
RealizePalette
SelectPalette
GetDeviceCaps
CreateDIBSection
GetBitmapBits
CombineRgn
CreateRectRgn
ExtCreateRegion
GetDIBits
CreateICA
SetTextColor
BitBlt
SetBkMode
SelectObject
CreateCompatibleBitmap
SelectClipRgn
ExcludeClipRect
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
DeleteObject
DeleteDC

Exports

Exports

lhxXfY9mIrDZ

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c8e74c36a4aa9bd440d0b8534281594

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 160KB - Virtual size: 156KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 160KB - Virtual size: 156KB