dd489a7c3e7b30e59ef899887efb61fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dd489a7c3e7b30e59ef899887efb61fe_JaffaCakes118
Size

198KB
MD5

dd489a7c3e7b30e59ef899887efb61fe
SHA1

912c47c58928b3bc83135346288fd22a4a36eb18
SHA256

5585b9e2b84994a7421297eb6d105d2359a315bcc5e071b8d5d5397387924ddd
SHA512

3756e525fbf6c26f9ae9a5a2eafa36a70cbf5c354fe7d83444627e2fde1df0256d19f18f2a8e0e8ec69543fdd9678926e7f51098035af123e8128460b14548f3
SSDEEP

3072:Q2rpENTxYxlGr4lKVVKVcP84IkdD+fLmtxKfg62XYrssmo2TVQ:DrpoTxYfKTKyekdifSkxeYrssmhTm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd489a7c3e7b30e59ef899887efb61fe_JaffaCakes118

Files

dd489a7c3e7b30e59ef899887efb61fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4303edfc1e6a5b1f0fe0af3a0430e901

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
ShowWindow
SetDlgItemTextA
SendMessageA
RegisterClassExA
PostQuitMessage
MessageBoxA
LoadIconA
CreateDialogParamA
DefWindowProcA
DestroyWindow
DispatchMessageA
CheckDlgButton
EnableWindow
GetDlgItem
GetDlgItemTextA
LoadCursorA
IsDlgButtonChecked
GetMessageA

kernel32

CreateThread
FindResourceA
LoadResource
LocalFree
LockResource
SizeofResource
_lclose
_llseek
CloseHandle
CreateFileA
CreateProcessA
_lopen
GetCommandLineA
GetCurrentDirectoryA
GetFileAttributesA
GetFileSize
GetModuleHandleA
GetThreadContext
ReadFile
ReadProcessMemory
ResumeThread
SetCurrentDirectoryA
SetFilePointer
SetUnhandledExceptionFilter
Sleep
SuspendThread
LocalAlloc
VirtualFree
WriteFile
WriteProcessMemory
lstrcatA
lstrcpyA
lstrlenA
_lread
ExitProcess
VirtualAlloc

comctl32

InitCommonControls

comdlg32

GetOpenFileNameA

advapi32

GetUserNameA
RegSetValueExA
RegCreateKeyA
RegCloseKey

gdi32

SetBkColor
SetTextColor
GetStockObject

winmm

waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutOpen
waveOutGetPosition
waveOutClose
waveOutReset

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4303edfc1e6a5b1f0fe0af3a0430e901

Headers

File Characteristics

Imports

user32

kernel32

comctl32

comdlg32

advapi32

gdi32

winmm

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1.0MB

.rsrc Size: 180KB - Virtual size: 180KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1.0MB

.rsrc
Size: 180KB - Virtual size: 180KB