e01792306d50113d204887e65e634920_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e01792306d50113d204887e65e634920_JaffaCakes118
Size

130KB
MD5

e01792306d50113d204887e65e634920
SHA1

0946cdbace6082944d2bebf3bc674bbe015b954e
SHA256

002a0e1f4a5b90408300928a1b708016324380d962274bd23e9f8c4704005b6f
SHA512

e4b2c2aebec53f5c2949f7630532a54b2ae4c9360a802fcf940301bc1305159304edae7a899bece939b599350fcb292b0d21c51007490d95b7af7d299f29cedf
SSDEEP

3072:Q9h5kxIxaDMqqDa/fjTUkY0T8jX3tFj5TEzERYnIyh:UC6xawqqDGf/PDETTdMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e01792306d50113d204887e65e634920_JaffaCakes118

Files

e01792306d50113d204887e65e634920_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c1d3490bf6da04b4fcb43328affaa2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

fread
fseek
memset
ftell
free
fclose
fwrite
malloc
memcmp
wcschr
wcsstr
_wcsdup
wcslen
wcsrchr
wcscspn
_ultoa
_fdopen
_open_osfhandle
wcscmp
iswalpha
_wcsnicmp
fgetc
wcstok
memcpy

kernel32

GetVersionExA
SearchPathW
GetFileAttributesW
lstrlenW
lstrcpyW
lstrcatW
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
GlobalAlloc
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
CloseHandle
SetFileTime
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
lstrcmpW
Sleep
GetModuleFileNameW
IsDBCSLeadByte
GetModuleHandleA
FormatMessageW
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GetSystemInfo
GetCurrentThreadId
FindClose
FindNextFileW
FindFirstFileW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
GetExitCodeThread
WaitForSingleObject
CreateThread
CompareFileTime
GetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetExitCodeProcess
CreateProcessW
GetShortPathNameW
lstrcmpiW
GetCommandLineW
LocalFree
ExitProcess
lstrlenA
GlobalLock

user32

DestroyIcon
wsprintfW
SendMessageA
UpdateWindow
ShowWindow
CreateDialogParamA
SetWindowPos
CreateWindowExA
PostQuitMessage
DestroyWindow
GetDlgItemTextA
InvalidateRect
MessageBoxW
DispatchMessageA
TranslateMessage
IsDialogMessageA
CallWindowProcW
UnhookWindowsHookEx
SetWindowTextW
PostMessageW
CallNextHookEx
CheckDlgButton
GetParent
SetWindowsHookExA
CreateWindowExW
GetDesktopWindow
GetSystemMetrics
ReleaseDC
GetDC
MessageBeep
GetMessageA
FindWindowW
WaitForInputIdle
GetWindowLongW
SetWindowLongW
GetDlgItem
SetDlgItemTextW
IsWindow
GetWindowTextW
PeekMessageA
GetWindowRect
GetDlgItemTextW
IsDlgButtonChecked
DialogBoxParamA
SendMessageW
LoadStringW
LoadStringA
MessageBoxA
GetKeyState
EndDialog

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW

ole32

CoTaskMemFree

comctl32

ord17

gdi32

GetTextExtentPoint32W
SelectObject

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetCloseEnum

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c1d3490bf6da04b4fcb43328affaa2b

Headers

File Characteristics

Imports

crtdll

kernel32

user32

shell32

ole32

comctl32

gdi32

mpr

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 28KB - Virtual size: 27KB