0428a0831a6f9344c34b687c81515ea0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0428a0831a6f9344c34b687c81515ea0_JaffaCakes118
Size

175KB
MD5

0428a0831a6f9344c34b687c81515ea0
SHA1

ed755d627ac00550ebf9380955aab22f550ed7a7
SHA256

f6ba7434a410986a623a9d53afced295cf7debf6e9f4cfecdf681e011ebe0496
SHA512

f69a1a3dff3a2943edad88978222b08f9c35dae12d2b78ed1c88fb22a29679ebb357a2fa872220f156cc62e7fcff41e61a7568a13a1074b46e8cb1ff51830a04
SSDEEP

3072:p4kUANTX5VVtqHWzxdT3uKDA1lyFoov0cDhqO1Am+8f:p/vvVrhuPlqoov0Khlt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0428a0831a6f9344c34b687c81515ea0_JaffaCakes118

Files

0428a0831a6f9344c34b687c81515ea0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f403d8f09229f7a22c5d2332cc21ce3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowScrollBar
DrawFrameControl
GetSubMenu
FindWindowA
GetMenu
TrackPopupMenu
GetDlgItem
GetCapture
SystemParametersInfoA
EndDeferWindowPos
GetWindow
CallWindowProcA
GetWindowTextA
GetCursor
EnableWindow
CharToOemA
GetClassInfoA
GetClassLongA
GetCursorPos
IsChild
DrawTextA
HideCaret
EnumChildWindows
GetPropA
GetMenuStringA
DrawEdge
EnableMenuItem
GetScrollPos
EnumThreadWindows
GetMenuItemID
CharLowerA
CharNextA
CallNextHookEx
GetKeyNameTextA
BeginDeferWindowPos
GetDCEx
EnumWindows
GetSysColorBrush
BeginPaint
ClientToScreen
CreateIcon
SetCursor
GetDesktopWindow
DrawIcon
GetScrollRange
GetKeyState
DefFrameProcA
IsMenu
CreateWindowExA
CharLowerBuffA
IsWindowEnabled
EndPaint
DispatchMessageW
IsDialogMessageA
FillRect
ShowWindow
SetTimer
CheckMenuItem
GetClipboardData
GetMenuState
MessageBoxA
GetForegroundWindow
CreatePopupMenu
DispatchMessageA
GetParent
DrawIconEx
FrameRect
EnableScrollBar
GetMenuItemInfoA

comctl32

ImageList_Write
ImageList_Draw
ImageList_Add
ImageList_Create
ImageList_Destroy

msvcrt

memmove
sin
log10
abs
acos
srand

kernel32

lstrcmpA
ExitProcess
ExitThread
GetVersion
GetCurrentThreadId
GetFileType
LoadLibraryExA
FormatMessageA
GetDiskFreeSpaceA
GetStringTypeW
lstrcpynA
VirtualFree
HeapDestroy
GetProcessHeap
FreeResource
GetVersionExA
GetACP
SetLastError
WaitForSingleObject
LocalAlloc
GetCurrentProcessId
GlobalDeleteAtom
SetErrorMode
GetCommandLineA
LocalReAlloc
GetUserDefaultLCID
GetLastError
LocalFree
HeapAlloc
VirtualAlloc
GetProcAddress
GetSystemDefaultLangID
LoadLibraryA
CreateFileA
GlobalFindAtomA
MulDiv
lstrlenA
GetLocaleInfoA
VirtualQuery
LoadResource
WriteFile
SetFilePointer
LockResource
WideCharToMultiByte
lstrcpyA
InitializeCriticalSection
GetFileSize
GetModuleHandleA
SizeofResource
SetEvent
FreeLibrary
CompareStringA
GlobalAlloc
DeleteFileA
MoveFileExA
GetLocalTime
CreateEventA
lstrcmpiA
GetStartupInfoA
HeapFree
GetEnvironmentStrings
SetThreadLocale
GetFileAttributesA
GetStdHandle
GetDateFormatA
ResetEvent
GetTickCount
GetModuleFileNameA
EnterCriticalSection

Sections

CODE
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f403d8f09229f7a22c5d2332cc21ce3

Headers

File Characteristics

Imports

user32

comctl32

msvcrt

kernel32

Sections

CODE Size: 41KB - Virtual size: 40KB

.tls Size: 4KB - Virtual size: 131KB

.rdata Size: 128KB - Virtual size: 127KB

.init Size: 1024B - Virtual size: 968B

CODE
Size: 41KB - Virtual size: 40KB

.tls
Size: 4KB - Virtual size: 131KB

.rdata
Size: 128KB - Virtual size: 127KB

.init
Size: 1024B - Virtual size: 968B