03ad343e47171518a5a6040fe2e4ff12_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03ad343e47171518a5a6040fe2e4ff12_JaffaCakes118
Size

215KB
MD5

03ad343e47171518a5a6040fe2e4ff12
SHA1

0a45157fc6858b5a0d5fceb33e0c52ef1cfc35c6
SHA256

ac7a8a01617c66ef0ffad893d2dc25f931ed86e4ad2d0756a9b4acdc5cd11545
SHA512

20a7e282d6cbd77da640f5d336266e1f5dff9891051fdbc5bf76c4fa31ee105beb565915ef227d79f8cd04a66f5bd0e8998737408545e6edb5e8d0d48d68b4c5
SSDEEP

6144:WOKNJAg1jsaISih0MTFLXPDxU9z/W4J6dK:ZKNJdjsa1+rPWz+4WK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03ad343e47171518a5a6040fe2e4ff12_JaffaCakes118

Files

03ad343e47171518a5a6040fe2e4ff12_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f3b91a7db5b9d6b53ecc212467248290

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GetVersionExA
CreateFileA
LocalAlloc
InterlockedExchange
RaiseException
GetFileSize
SetFilePointer
ReadFile
DisableThreadLibraryCalls
FindClose
lstrcpyA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
SizeofResource
SetLastError
WaitForSingleObject
CreateEventA
CreateThread
SetThreadPriority
CloseHandle
SetEvent
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
GetCurrentThreadId
lstrlenA
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
VirtualAllocEx
lstrcmpA
LoadLibraryExA

gdi32

SelectObject
SaveDC
SetTextColor
GetObjectA
CreateFontIndirectA
RestoreDC
DeleteObject
GetDeviceCaps

user32

CallNextHookEx
GetFocus
IsChild
SetFocus
UnhookWindowsHookEx
SendMessageA
GetDC
UnregisterClassA
SetWindowsHookExA
GetKeyState
TranslateMessage
GetWindowTextA
SetWindowTextA
SetRect
GetMessagePos
MoveWindow
MessageBeep
GetParent
CreateWindowExA
GetWindow
SetWindowContextHelpId
SendDlgItemMessageA
DestroyWindow
DefWindowProcA
WinHelpA
IsIconic
ShowWindow
BringWindowToTop
PostQuitMessage
EnumChildWindows
CreateDialogParamA
EnableWindow
IsDlgButtonChecked
CheckDlgButton
LoadBitmapA
EndDialog
GetWindowLongA
PostMessageA
SetForegroundWindow
IsDialogMessageA
GetWindowRect
SetWindowPos
SetWindowLongA
GetSysColor
LoadCursorA
SetCursor
IsWindowUnicode
GetClientRect
ChildWindowFromPoint
DispatchMessageA

advapi32

RegEnumKeyA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CLSIDFromString
CoTaskMemFree
StringFromGUID2
CreateStreamOnHGlobal
CoCreateInstance

wininet

DeleteUrlCacheEntryW
DeleteUrlCacheEntryA

olesvr32

OleRegisterServer
SendDataMsg

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 6KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3b91a7db5b9d6b53ecc212467248290

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

ole32

wininet

olesvr32

Sections

.text Size: 16KB - Virtual size: 16KB

.bss Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 160KB - Virtual size: 295KB

.icode Size: 6KB - Virtual size: 179KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 16KB - Virtual size: 16KB

.bss
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 160KB - Virtual size: 295KB

.icode
Size: 6KB - Virtual size: 179KB

.rsrc
Size: 18KB - Virtual size: 17KB