d5dbfed00253fcf5656bb021fdd5d3ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5dbfed00253fcf5656bb021fdd5d3ee_JaffaCakes118
Size

124KB
MD5

d5dbfed00253fcf5656bb021fdd5d3ee
SHA1

7fbb1e22aa126bf8d60e1f01014ad8d9e2b1566a
SHA256

d593db33f5c49d157ef76fb5ea0510505270a6ceb96ffbb048449f1aadccebc4
SHA512

8741875af8670cd4d9ae50e6c7d005437e8f13cdf82bc16c09ccf5111538dfb13e0d7015922a0a93a4e0591a1b2e1d10564c06c7197497fea86d625eb16fb160
SSDEEP

3072:2aRrfTk+rcAUP957g7UX3hzcyqMpi57YPcWX1pSwK:nRLY+rMDhzcD0XLrK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5dbfed00253fcf5656bb021fdd5d3ee_JaffaCakes118

Files

d5dbfed00253fcf5656bb021fdd5d3ee_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3b90856cbff6955bd6712b4ccfe3df31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
IsDebuggerPresent
InitializeCriticalSection
CreateThread
FindFirstFileA
GetLastError
GetCurrentProcess
GetComputerNameW
LockResource
GetEnvironmentStrings
GetCurrentDirectoryA
TerminateProcess
GetFileTime
GetCPInfo
HeapReAlloc
GetConsoleOutputCP
GetThreadContext
ReadFile
GlobalUnlock
DeleteFileA
IsBadStringPtrW
RtlUnwind
InterlockedIncrement
GetCommandLineW
GetTickCount
InterlockedDecrement
FreeEnvironmentStringsW
LoadLibraryW
GlobalMemoryStatus
GlobalReAlloc
GetStartupInfoA
LocalAlloc
GetACP
GetStringTypeW
GetModuleHandleA
LeaveCriticalSection
CreateFileMappingA
FindResourceA
SearchPathA
FlushFileBuffers
CreateToolhelp32Snapshot
TlsGetValue
GetModuleHandleW
LCMapStringW
GetDateFormatA
GetEnvironmentVariableA
ResumeThread

user32

IntersectRect
InvalidateRect
FindWindowExA
CheckMenuRadioItem
LoadCursorA
BeginPaint
GetClassNameA
SendMessageA
DeferWindowPos
WindowFromPoint
DefFrameProcA
FrameRect
EndPaint
DrawEdge
SetCapture
DrawFrameControl
SetClipboardData
CallWindowProcA
GetPropA
UnionRect
GetCapture
ClientToScreen
ReleaseCapture
SetScrollInfo
IsIconic
UpdateWindow
FillRect
GetUpdateRgn
SetPropA
DefDlgProcA
GetSysColorBrush
OffsetRect
EnumWindows
PeekMessageA
GetWindowTextA
LoadImageA
EnableWindow
MessageBoxA
EndDialog
SetWindowPos
DialogBoxIndirectParamA
SetTimer

msvcrt

memcpy
_exit
_initterm
__p__commode
__set_app_type
__p__fmode
exit
_acmdln
_controlfp
__setusermatherr
__getmainargs
_adjust_fdiv
_except_handler3
_XcptFilter

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b90856cbff6955bd6712b4ccfe3df31

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 71KB - Virtual size: 71KB

.data Size: 30KB - Virtual size: 56KB

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 71KB - Virtual size: 71KB

.data
Size: 30KB - Virtual size: 56KB

.rsrc
Size: 512B - Virtual size: 164B