fa47b5e2b829a3d6b687e872bff3505c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa47b5e2b829a3d6b687e872bff3505c_JaffaCakes118
Size

48KB
MD5

fa47b5e2b829a3d6b687e872bff3505c
SHA1

f57db08a0e012ef689a9b8536bcc8c15a0c81ea1
SHA256

c932693d8a074a0233b22bb96f52616be7e90a4f5fbffd3683895f1cf666d845
SHA512

eb1f68ba68f4bbfb2f8a4b699b6621d5112557d9ad35f700c136cda9d44cb91706fd65a735beb13cba4da7f91f6b76c0f5e6bdb680d6c2ab2e0397bfe967abfa
SSDEEP

1536:uZPj0IsQKqurqbXsDPZOX2YnRwkoOCTj:4bsQKqADPZYfRwkoJH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa47b5e2b829a3d6b687e872bff3505c_JaffaCakes118

Files

fa47b5e2b829a3d6b687e872bff3505c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbec3ad19a12cf36897a14f7f7044294

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance

user32

LoadStringA
GetClientRect
SetDlgItemTextA
IsDlgButtonChecked
CharUpperA
MessageBoxA
CharPrevA
SetWindowPos
ShowWindow
DispatchMessageA
IsDialogMessageA
EndDialog
GetSysColor
CreateDialogParamA
DestroyWindow
GetDlgItem
DestroyIcon
GetWindowRect
SendDlgItemMessageA
GetWindowTextA
ReleaseDC
IsWindow
EnableWindow
DrawTextA
GetWindowLongA
TranslateMessage
LoadBitmapA
SetWindowLongA
wsprintfA
DialogBoxParamA
CheckDlgButton
InvalidateRect
SendMessageA
MsgWaitForMultipleObjects
SetWindowTextA
LoadImageA
GetDC
PeekMessageA

kernel32

GetWindowsDirectoryA
DeleteCriticalSection
lstrcmpiA
GetDiskFreeSpaceA
lstrcatA
lstrlenA
VirtualAlloc
InitializeCriticalSection
LoadLibraryA
lstrcmpA
DisableThreadLibraryCalls
SetEvent
lstrcpynA
FreeLibrary
HeapFree
CreateFileA
CloseHandle
GetModuleFileNameA
lstrcpyA
InterlockedDecrement
CreateEventA
HeapSize
LocalFree
CreateThread
LocalAlloc
HeapReAlloc
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
InterlockedIncrement
HeapAlloc
GetProcessHeap

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

gdi32

RestoreDC
GetTextMetricsA
DeleteObject
CreateFontIndirectA
SetViewportOrgEx
CreateCompatibleDC
SaveDC
GetDeviceCaps
SelectObject
DPtoLP
ModifyWorldTransform
BitBlt
CreateSolidBrush
ExtTextOutA
DeleteDC
GetObjectA
SetGraphicsMode
SetBkColor
SetWindowOrgEx
SetTextColor

advpack

RegInstall

atl

AtlMarshalPtrInProc

ntdll

NtAddAtom

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
RegCloseKey
RegEnumValueA
RegEnumKeyExA

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbec3ad19a12cf36897a14f7f7044294

Headers

File Characteristics

Imports

ole32

user32

kernel32

version

gdi32

advpack

atl

ntdll

advapi32

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 424B

.idata Size: 46KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 424B

.idata
Size: 46KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B