01c0153e2669af3719896a82683b0894_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01c0153e2669af3719896a82683b0894_JaffaCakes118
Size

106KB
MD5

01c0153e2669af3719896a82683b0894
SHA1

0a667b01c79f2fd944a7feb96794a3a91b316e5c
SHA256

fae25cc5a01513c67124a857c215448c3676ececbc3d59e3b3180e8cd0507f47
SHA512

deed57269f1c4a9d76429bc34413d1ed83705407299624f8a3fce0ca7f968595214db36d72e75140d9e837232b74a1296774fa12d771a6b948ff0b0a5bea7116
SSDEEP

3072:BjqF89PdCVs449yesCfME06dgLPC9v4gDTfd3cyTYBqHzrjpJcBuHrs:BjqFMHbyk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01c0153e2669af3719896a82683b0894_JaffaCakes118

Files

01c0153e2669af3719896a82683b0894_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1170bee5c82b6ab61612e1fca603324e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetModuleFileNameA
GetFileAttributesA
GetCurrentThread
GetCPInfo
GetStartupInfoA
lstrcatA
GetOEMCP
SetThreadLocale
GetCommandLineA
GetEnvironmentStrings
EnumCalendarInfoA
WriteFile
FindClose
GetLocaleInfoA
CompareStringA
HeapFree
ExitThread
GlobalFindAtomA
MoveFileExA
GlobalDeleteAtom
SizeofResource
GetThreadLocale
WideCharToMultiByte
lstrcpyA
GetProcAddress
ExitProcess
GetStringTypeA
SetLastError
lstrcpynA
GetTickCount
GetDateFormatA
SetHandleCount
lstrcmpA
VirtualAllocEx
GetFileType
GetCurrentProcess
CreateFileA
GetModuleHandleA
InitializeCriticalSection
GetSystemDefaultLangID
GetCurrentThreadId
CreateThread
GetVersion
GetFileSize
SetFilePointer
HeapDestroy
LockResource
GetDiskFreeSpaceA
LoadResource
GetCurrentProcessId
LoadLibraryA
VirtualAlloc
GetProcessHeap
LoadLibraryExA
FindResourceA
FindFirstFileA
WaitForSingleObject
VirtualFree
CloseHandle
GetLocalTime
RaiseException
GetVersionExA
EnterCriticalSection
FormatMessageA
GetStdHandle

msvcrt

calloc
log10
memcpy
malloc
memmove

gdi32

GetPaletteEntries
GetRgnBox

user32

DispatchMessageW
GetMenuItemID
GetMenuItemCount
GetSysColorBrush
CallWindowProcA
GetForegroundWindow
DefWindowProcA
GetScrollPos
GetKeyNameTextA
GetMenuState
DrawIcon
DrawMenuBar
CreateIcon
DrawIconEx
CreateWindowExA
DeferWindowPos
SetWindowPos
EnableScrollBar
CharNextA
DrawFrameControl
SystemParametersInfoA
EnumWindows
GetSubMenu
ShowWindow
MessageBoxA
GetCursor
GetMenuItemInfoA
CreateMenu
GetCursorPos
FillRect
DefMDIChildProcA
GetSysColor
GetScrollInfo
DefFrameProcA
GetDC
ClientToScreen
GetClassLongA
IsMenu
IsWindowVisible
SetCursor
GetFocus
BeginDeferWindowPos
EnableMenuItem
GetKeyState
TrackPopupMenu
HideCaret
GetClassInfoA
GetScrollRange
IsChild
RegisterClassA
GetClientRect
EnableWindow
EndDeferWindowPos
IsDialogMessageA
DrawEdge
GetDlgItem
SetTimer
DispatchMessageA
DrawTextA
GetMenuStringA
ShowScrollBar

Sections

CODE
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1170bee5c82b6ab61612e1fca603324e

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

Sections

CODE Size: 53KB - Virtual size: 53KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 48KB - Virtual size: 47KB

CODE
Size: 53KB - Virtual size: 53KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 48KB - Virtual size: 47KB