dc0e644d6c2ea384fc66e9b6f0961469_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc0e644d6c2ea384fc66e9b6f0961469_JaffaCakes118
Size

60KB
MD5

dc0e644d6c2ea384fc66e9b6f0961469
SHA1

5b0faf44ca33f7058859b83ddb754603acd410a8
SHA256

c0a99584df7148cb3ef10094e7f9ea08cb05b546c3f99b4bf1cc6cb491420867
SHA512

19c8988ab5c615cc567615924f0d783a3555bbfc1d445cc482ce1d03f13511d52c67d3d5ab0b46b2d207f0bb3c0ddbd2f12fb39f46ca95c9a64efaf817e2978d
SSDEEP

768:AO9D1BZHJULjzFA57ORERHRboqOKLFRugbpN2CMsum6h1GoURRyBK2c:vDTZqA5iWRmrKju+KC6mK1s7B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc0e644d6c2ea384fc66e9b6f0961469_JaffaCakes118

Files

dc0e644d6c2ea384fc66e9b6f0961469_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7813fb9baf9d82bb62242af7698a63e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsIconic
DrawIconEx
GetWindowWord
GetMenuItemInfoA
PtInRect
DispatchMessageA
ChildWindowFromPointEx
SetCapture
EnableMenuItem
UnregisterClassA
FillRect
AllowSetForegroundWindow
GetKeyState
BeginPaint
EndPaint
DestroyMenu
MapWindowPoints
GetWindowInfo
GetMenuItemInfoW
MessageBoxW
GetMenuCheckMarkDimensions
PeekMessageA
GetMenuStringA
GetMenuStringW
SetMenuItemBitmaps
SendMessageW
MessageBeep
DefWindowProcA
GetWindowRgn
OffsetRect
ClientToScreen
ReleaseCapture
DispatchMessageW
CharNextA
TrackPopupMenuEx
LoadStringW
ScreenToClient
PostMessageW
GetSubMenu
GetFocus

kernel32

SetLastError
Sleep
LockResource
GetFileAttributesW
GetFileSize
CreateFileA
WriteFile
GetFileAttributesA
InterlockedCompareExchange
GetExitCodeProcess
MultiByteToWideChar
HeapSize
WriteFileEx
TlsGetValue
LoadResource
LocalAlloc
SleepEx
SetFilePointerEx
SetStdHandle
GetEnvironmentStrings
ReadFile
GetVersionExA
TryEnterCriticalSection
WaitForSingleObjectEx
FindClose
TerminateProcess
InitializeCriticalSection
InterlockedExchangeAdd
TlsFree
GetModuleFileNameW
LCMapStringA
CreateThread
SizeofResource
GetLastError
GetCurrentProcessId
VirtualAlloc
GetModuleHandleW
GetStringTypeW
InterlockedDecrement
FreeEnvironmentStringsW
FreeLibrary
WaitForMultipleObjectsEx
SetHandleCount
GetVersionExW
GlobalLock
UnhandledExceptionFilter
WaitForSingleObject
TlsSetValue
FlushFileBuffers
VirtualFree
SetFilePointer
FreeEnvironmentStringsA
DeleteFileA
GetStringTypeA
RaiseException
LocalFree
SetErrorMode
InterlockedExchange
LCMapStringW
CloseHandle
GetLocaleInfoA
GetStartupInfoW
FindCloseChangeNotification
lstrlenW
GetStdHandle
RegisterWaitForSingleObject
GetFileType
InitializeCriticalSectionAndSpinCount
SetEvent
InterlockedIncrement
CreateProcessA
SetUnhandledExceptionFilter

gdi32

CreateRoundRectRgn
CreateSolidBrush
CreateDCA
CreatePolygonRgn
CreateRectRgn
CreateFontIndirectA

setupapi

SetupRemoveSectionFromDiskSpaceListA

msvcrt

__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
_onexit

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7813fb9baf9d82bb62242af7698a63e

Headers

File Characteristics

Imports

user32

kernel32

gdi32

setupapi

msvcrt

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 114KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 114KB

.rsrc
Size: 12KB - Virtual size: 10KB