02bb32a3ef2d5e334abc45565c74d807_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

02bb32a3ef2d5e334abc45565c74d807_JaffaCakes118
Size

180KB
MD5

02bb32a3ef2d5e334abc45565c74d807
SHA1

b7df9fa67a3d0323a2c45c1350984f919f4cd816
SHA256

3dacf8a3174f62ce405997871ae64b4df5649b1355a41ad44d357013951aaeb4
SHA512

f68ec1a01b0923376c30251139d2a85d26988acfd3b5486d2ef0fe978ccf5c94a3fd4a8b97c32dbe6fb6009866e03b05bb58c415b9d1e8e2de97897e639ecd79
SSDEEP

3072:LW/VYzBv1Vh1HHoGFffUMd94EVMgE0FbAQoIW4qObmdSP:C/VYdIMd94EdE0ZhDLUs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02bb32a3ef2d5e334abc45565c74d807_JaffaCakes118

Files

02bb32a3ef2d5e334abc45565c74d807_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80db88df34ca1b3e487ed0af580b330a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mbstowcs
memmove
_acmdln
cos
log

user32

IsChild
EnumWindows
DrawFrameControl
IsDialogMessageA
ClientToScreen
SystemParametersInfoA
GetPropA
EnumThreadWindows
GetDCEx
IsWindowVisible
GetFocus
HideCaret
FillRect
CharToOemA
GetClassInfoA
GetMenuState
DeferWindowPos
CreatePopupMenu
GetSubMenu
TrackPopupMenu
GetMenuItemID
GetSysColor
DrawMenuBar
FrameRect
CallWindowProcA
GetSysColorBrush
GetActiveWindow
GetWindow
DefWindowProcA
EnumChildWindows
GetMessagePos
GetCapture
BeginPaint
GetParent
CallNextHookEx
DrawTextA
EnableMenuItem
DrawIcon
MessageBoxA
ShowScrollBar
EndDeferWindowPos
GetDC
EnableWindow
SetWindowLongA
GetMenu
GetMenuItemCount
SetTimer
CheckMenuItem
GetKeyState
GetScrollPos
RegisterClassA
GetCursorPos
GetDlgItem
DefFrameProcA
GetCursor
CharLowerBuffA
GetKeyNameTextA
GetScrollInfo
DispatchMessageA
GetIconInfo
SetWindowTextA
GetForegroundWindow

kernel32

GlobalFindAtomA
lstrlenA
MoveFileExA
GetLastError
SetLastError
FormatMessageA
DeleteFileA
SetHandleCount
LoadLibraryA
ReadFile
GetStartupInfoA
lstrcatA
FreeLibrary
SizeofResource
VirtualQuery
GlobalDeleteAtom
GetStringTypeW
GetEnvironmentStrings
GetThreadLocale
FindClose
lstrcpynA
CloseHandle
LocalAlloc
VirtualFree
MulDiv
GetDateFormatA
LocalReAlloc
lstrcmpA
CreateFileA
ExitProcess
ResetEvent
CreateEventA
EnterCriticalSection
GetUserDefaultLCID
GetStringTypeA
VirtualAllocEx
LockResource
GetACP
GetFileAttributesA
SetErrorMode
GetStdHandle
GetModuleHandleA
GetVersion
DeleteCriticalSection
Sleep
GetProcAddress
RaiseException
GetFileSize
MoveFileA
VirtualAlloc
InitializeCriticalSection
GetLocalTime
LoadLibraryExA
GetCurrentThreadId
GetOEMCP
GlobalAddAtomA
GetFullPathNameA
CompareStringA
WideCharToMultiByte
GetSystemDefaultLangID
GetModuleFileNameA
GetProcessHeap
GlobalAlloc

comdlg32

FindTextA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 130KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 235B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

80db88df34ca1b3e487ed0af580b330a

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

comdlg32

Sections

.text Size: 43KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 3KB

BSS Size: 130KB - Virtual size: 213KB

.init Size: 512B - Virtual size: 235B

.tls Size: 1KB - Virtual size: 1KB

.text
Size: 43KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 3KB

BSS
Size: 130KB - Virtual size: 213KB

.init
Size: 512B - Virtual size: 235B

.tls
Size: 1KB - Virtual size: 1KB