ded3c019c5107085529ec5e62215e7f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ded3c019c5107085529ec5e62215e7f2_JaffaCakes118
Size

288KB
MD5

ded3c019c5107085529ec5e62215e7f2
SHA1

3832eb6d1cac1d00308e2cd00acd3ba8c695ef4d
SHA256

c062b162696a7b2635e90e53e1f970d2a85fda2f819ae68e386f9d6ce925efb7
SHA512

50f876c04652acac86c43ee0c097ee9c45c5221db62f3170c4e21fe8b6f1a21df16db9b8c3905c5652adf80d2c82259e9ba81a0d9ab74f8c64a4e1afa601be81
SSDEEP

3072:8ldEuM5eJk5Np2dlUX0+Cx17F8QRJZKmOK3outKNe0dSSxmYwTN09J:CCu7JyFwT7SMJMzUoS8dfxmN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ded3c019c5107085529ec5e62215e7f2_JaffaCakes118

Files

ded3c019c5107085529ec5e62215e7f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb3169f37c2664f547fc86359825e0e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strncpy
malloc
free
modf
strncmp
atoi
_ftol
??2@YAPAXI@Z
strrchr
??3@YAXPAX@Z
sprintf
strtod
_strnicmp

user32

GetSystemMetrics
IsWindow
SetWindowLongA
GetWindowLongA
CallWindowProcA
CopyImage
LoadBitmapA
GetWindowRect
SetDlgItemTextA
DialogBoxParamA
GetDlgItem
RedrawWindow
GetWindowDC
ReleaseDC
DrawTextA
MessageBoxA
SetWindowTextA
LoadIconA
wsprintfA
SetWindowPos
SendMessageA
EndDialog

kernel32

RtlFillMemory
GetProcAddress
lstrcpynA
GetCurrentProcess
WriteProcessMemory
MulDiv
ExitProcess
HeapReAlloc
IsBadReadPtr
GetEnvironmentVariableA
GetModuleFileNameA
MoveFileA
CopyFileA
lstrlenA
GetProcessHeap
LCMapStringA
GetModuleHandleA
FreeLibrary
LoadLibraryA
RtlMoveMemory
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
lstrcpyn
lstrcatA
SetHandleCount
HeapAlloc
HeapFree
WideCharToMultiByte
DeleteFileA

gdi32

CreateCompatibleBitmap
SelectObject
CreateFontA
SetBkMode
DeleteDC
StretchBlt
BitBlt
CreateDCA
GetDeviceCaps
GetDIBits
CreateCompatibleDC
SetTextColor
DeleteObject
GetObjectA

ole32

CreateStreamOnHGlobal
CLSIDFromString

olepro32

ord251

shell32

DragAcceptFiles
DragFinish

comdlg32

GetSaveFileNameA
GetOpenFileNameA

msimg32

TransparentBlt

shlwapi

PathFileExistsA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cb3169f37c2664f547fc86359825e0e4

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

gdi32

ole32

olepro32

shell32

comdlg32

msimg32

shlwapi

advapi32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 116KB - Virtual size: 115KB

.rsrc Size: 108KB - Virtual size: 106KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 116KB - Virtual size: 115KB

.rsrc
Size: 108KB - Virtual size: 106KB