02e13a7af6dc9db9f6aa433660afa601_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02e13a7af6dc9db9f6aa433660afa601_JaffaCakes118
Size

32KB
MD5

02e13a7af6dc9db9f6aa433660afa601
SHA1

f5ca0fe4b38834c4218e7a80e40a660119479135
SHA256

a83ac79e6272ffc5f1d44a73b610bba241e108d51801e6c07f2a34ed641f0cbd
SHA512

a936e95c120ff2dd3f2d655df6e8e3e467ee8dc3f05ae4fe61baa31dd5d864ecc92e536208050af924281b137693cf148e55aae78505d3a00a160d4037348cff
SSDEEP

768:lz3rbfm+mlHQwFbl5w4KN7N7OjwqVAxbawo:p7bfLCQwFa7OjvVAxbawo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02e13a7af6dc9db9f6aa433660afa601_JaffaCakes118

Files

02e13a7af6dc9db9f6aa433660afa601_JaffaCakes118
.exe windows:5 windows x86 arch:x86

18dead889484e8f7727f378b3993ac3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
IsIconic
CreateWindowExW
DrawMenuBar
GetDlgItem
AdjustWindowRectEx
GetMessageW
GetSysColor
WaitForInputIdle
SetWindowPos
GetMessageExtraInfo
DrawTextW
GetMenuStringW
CopyImage
AppendMenuA
ValidateRect
LoadImageW
EmptyClipboard
DrawTextA
TranslateMessage
ReleaseDC
DispatchMessageW
IsWindowVisible
PostMessageA
IsCharUpperA
CloseWindow
DestroyAcceleratorTable
GetWindow
DdeDisconnect
SendDlgItemMessageW
TranslateAcceleratorA
SetActiveWindow
SetThreadDesktop
SetLastErrorEx
GetKeyState
BeginPaint
MoveWindow
GetDC
EndPaint
GetWindowTextW
ChildWindowFromPointEx
IsZoomed
GetClientRect
RedrawWindow
FindWindowExA
InSendMessage
IsWindowEnabled
DestroyWindow
ShowWindow
SetParent
GetScrollPos
GetFocus

kernel32

GlobalGetAtomNameW
AreFileApisANSI
FindFirstVolumeW
ConsoleMenuControl
GlobalAddAtomW
SetConsolePalette
TlsGetValue
ReadFile
GetACP
SetLastError
InitAtomTable
CreateSemaphoreW
MoveFileW
DosDateTimeToFileTime
DeviceIoControl
FreeEnvironmentStringsW
ReadConsoleInputW
SizeofResource
FindCloseChangeNotification
FreeResource
GetCommandLineA
TlsAlloc
HeapAlloc
GlobalSize
GetCurrentConsoleFont
LoadLibraryA
WaitForDebugEvent
OpenEventA
HeapValidate
GetTickCount
GetModuleFileNameA
GetCurrentProcessId
GlobalFindAtomW
FormatMessageA
GetFileInformationByHandle
lstrcpyA
GetSystemDirectoryW
FileTimeToSystemTime
GetConsoleMode
GetOverlappedResult
GetProcessVersion
TlsSetValue
WaitForSingleObject
GetShortPathNameW
GetConsoleTitleW
GetThreadContext
GetSystemTime
InterlockedExchange
ScrollConsoleScreenBufferW
ReadConsoleOutputCharacterA
GetWindowsDirectoryA
ClearCommError
SearchPathW
lstrcatA
DuplicateHandle
HeapFree
WriteConsoleOutputA
TlsFree
GetModuleHandleA
SystemTimeToFileTime
GetSystemDefaultLangID
MoveFileExA

dbghelp

GetTimestampForLoadedLibrary
SymSetOptions
SymGetModuleInfo
SymInitialize

psapi

GetModuleFileNameExA
EnumProcessModules
GetModuleBaseNameW

gdi32

GetTextExtentExPointW
CreateBitmap
CreateCompatibleDC
CreateSolidBrush
RemoveFontResourceW
CreatePen
CreateEllipticRgnIndirect
SetRectRgn
GetDIBColorTable
ScaleWindowExtEx
EndPage
UpdateColors
EnumFontFamiliesExW
DrawEscape
SetBkColor
CreateEnhMetaFileW
SelectPalette
CreateMetaFileA
DeleteDC
GetObjectA

msvcrt

_vsnprintf
strcspn
remove
floor
isdigit
qsort
memset
rand
fopen

Exports

Exports

_RemoveQueueMsg@8
LquEqmtCxmilhrvc@8
VovXeayywtaa@8
_SendTestMsg@12
MrSZwxrxokGy@16

Sections

.code
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18dead889484e8f7727f378b3993ac3e

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

dbghelp

psapi

gdi32

msvcrt

Exports

Exports

Sections

.code Size: - Virtual size: 31KB

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

DATA Size: 512B - Virtual size: 512B

CONST Size: 512B - Virtual size: 512B

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 1024B - Virtual size: 832B

.code
Size: - Virtual size: 31KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

DATA
Size: 512B - Virtual size: 512B

CONST
Size: 512B - Virtual size: 512B

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 1024B - Virtual size: 832B