f7e0b02274fc1f2efc02ea1dce172f27_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f7e0b02274fc1f2efc02ea1dce172f27_JaffaCakes118
Size

48KB
MD5

f7e0b02274fc1f2efc02ea1dce172f27
SHA1

193fcf0e3834f838d42c21888f05665f892c161e
SHA256

8971ee7fcabba636595a433df58dbbb20116396bff10f6c1d81899895d012376
SHA512

ed1849f93a3b91d101054b0cf5ca2242783b4d8ef925dc66a28ab0bf501dcf5220d1decd2ff79185f66fec64acbb3ba991eec41b37569665d62155fe4b9dc643
SSDEEP

1536:RbjeH8lrF6OK9EdsAwGnOQOUB6ka9FOoMOR:RbjblrF6OKSw84f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7e0b02274fc1f2efc02ea1dce172f27_JaffaCakes118

Files

f7e0b02274fc1f2efc02ea1dce172f27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

219a4e17796cb388ab37104ddd9a31b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtAddAtom

gdi32

CreateFontIndirectA
ModifyWorldTransform
BitBlt
SetWindowOrgEx
DPtoLP
DeleteObject
SetViewportOrgEx
CreateCompatibleDC
SaveDC
SetBkColor
DeleteDC
CreateSolidBrush
GetObjectA
SelectObject
SetGraphicsMode
GetDeviceCaps
RestoreDC
GetTextMetricsA
ExtTextOutA
SetTextColor

advapi32

RegDeleteKeyA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey

kernel32

HeapSize
InterlockedDecrement
HeapFree
HeapAlloc
CreateThread
lstrcmpA
lstrlenA
CreateFileA
lstrcpyA
DeleteCriticalSection
lstrcatA
GetWindowsDirectoryA
LocalAlloc
GetProcessHeap
GetTickCount
lstrcmpiA
CreateEventA
VirtualAlloc
LocalFree
GetProcAddress
GetModuleHandleA
HeapReAlloc
lstrcpynA
GetModuleFileNameA
FreeLibrary
SetEvent
InitializeCriticalSection
GetSystemDirectoryA
GetDiskFreeSpaceA
LoadLibraryA
InterlockedIncrement
CloseHandle

user32

MessageBoxA
TranslateMessage
GetWindowRect
DialogBoxParamA
SetWindowLongA
PeekMessageA
IsWindow
CharPrevA
GetDlgItem
DestroyIcon
IsDialogMessageA
GetWindowTextA
GetWindowLongA
DrawTextA
ReleaseDC
CheckDlgButton
EndDialog
SendMessageA
IsDlgButtonChecked
SetWindowTextA
GetDC
LoadStringA
InvalidateRect
CreateDialogParamA
CharUpperA
SetWindowPos
wsprintfA
GetSysColor
GetClientRect
DispatchMessageA
MsgWaitForMultipleObjects
LoadBitmapA
EnableWindow
SetDlgItemTextA
ShowWindow
LoadImageA
SendDlgItemMessageA
DestroyWindow

atl

AtlMarshalPtrInProc

advpack

RegInstall

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

219a4e17796cb388ab37104ddd9a31b3

Headers

File Characteristics

Imports

ntdll

gdi32

advapi32

kernel32

user32

atl

advpack

ole32

version

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 424B

.idata Size: 46KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 424B

.idata
Size: 46KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B