03f746918930ae4b554938921f598e81_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03f746918930ae4b554938921f598e81_JaffaCakes118
Size

680KB
MD5

03f746918930ae4b554938921f598e81
SHA1

d1662f63be632169c6fa4a4a95945c5f5e21c2d5
SHA256

d022c131650785127cfd3f80c1f9be333796f328572e54ee19bfa795a9bdc32a
SHA512

48dc074eca1455896563f3d0a3197d8e1c41c7d9e037f68f2034bce7b5b93ed90d1f2cd936ef7727489aa10b0728b9e39572b58dbad7c8eced3ccb13980da057
SSDEEP

12288:6IbPjh4KgJPpdHzABsLdFsb8Wg+QJgYcJw0iSxbVkHFH6hOTx9d:6IPmKgJhdHcKB+brG6vJw0iSxxgB6m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03f746918930ae4b554938921f598e81_JaffaCakes118

Files

03f746918930ae4b554938921f598e81_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c0911a698fd48720e8a9bda538f43e39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
SetWindowPos
GetDC
GetCursorPos
ReleaseDC
GetClientRect
UpdateWindow
EnableWindow
PeekMessageA
GetWindow
EnableMenuItem
RegisterClassA
GetWindowLongA
CreateWindowExA
FillRect
DispatchMessageA
EndPaint
SetFocus
BeginPaint
KillTimer
DefWindowProcA
GetSystemMetrics
GetWindowRect
SetCapture
ReleaseCapture
SetTimer
GetDlgItem
LoadCursorA
TrackPopupMenu
GetDesktopWindow
SetForegroundWindow
MessageBoxA
GetSysColor
IsWindowVisible
InvalidateRect
SetCursor

advapi32

RegCreateKeyExA
RegDeleteValueA
RegCloseKey

kernel32

LoadLibraryA
RtlUnwind
GetProcessHeap
GetStdHandle
GetConsoleOutputCP
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
HeapDestroy
GetFileAttributesW
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
CreateFileA
FreeEnvironmentStringsW
GetTempPathA
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeEnvironmentStringsA
lstrcmpA
VirtualAlloc
Sleep
VirtualFree
FindResourceW
UnmapViewOfFile
CreateProcessA
SetStdHandle
GetVersion
GetACP
CloseHandle
ReadFile
GetModuleHandleA
RaiseException
GetCurrentThread
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
lstrlenW
VirtualQuery
GetEnvironmentStringsW
LCMapStringA
GlobalFree
lstrlenA
HeapCreate
LCMapStringW
InitializeCriticalSection
GetLastError
InterlockedIncrement
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
FindFirstFileW
CreateFileMappingA
CompareStringA
CompareStringW
GetProcAddress
SetEvent
DeleteFileA
GetFileSize
GetStartupInfoA
lstrcmpiW
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
TlsGetValue
FindClose
GetEnvironmentVariableA
LocalFree
GetOEMCP

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0911a698fd48720e8a9bda538f43e39

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 624KB - Virtual size: 623KB

.data Size: 20KB - Virtual size: 21KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 624KB - Virtual size: 623KB

.data
Size: 20KB - Virtual size: 21KB

.rsrc
Size: 8KB - Virtual size: 4KB