043306c74ed90e2a0c52318dcfcc78d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

043306c74ed90e2a0c52318dcfcc78d5_JaffaCakes118
Size

107KB
MD5

043306c74ed90e2a0c52318dcfcc78d5
SHA1

d03a0020e3079117252e20d89215f1cd7dec6768
SHA256

fbde95e1796f5dc2dfe0d69144c4ed4ad83acff46ff8828da1afa380bab1f556
SHA512

0d791baed0f27cb9bb900531ded1ba86c423c58ba08747f99a1f8fc54b63c8e4a1301d5dae33add61383dad9aa11a9aba1a7877ff4c2dba7f7c38b0251b39a34
SSDEEP

1536:7P/ctbyX/kOo6bE1m5m3zoGAOEqxj1DZqroiJfEpRClsmywCIZr3ZLy6DBj/++rd:G0g3fAOFYrJMR2JywCErxyoj2txa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
043306c74ed90e2a0c52318dcfcc78d5_JaffaCakes118

Files

043306c74ed90e2a0c52318dcfcc78d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e9c9efd65978125f5179e2c93566342

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetErrorInfo
OleLoadPicture
SysStringLen
SafeArrayGetElement

gdi32

GetBitmapBits

comdlg32

ChooseColorA
GetFileTitleA
GetSaveFileNameA
FindTextA
GetOpenFileNameA

user32

GetCursorPos
EnumThreadWindows
FindWindowA
GetClassLongA
CallNextHookEx
FrameRect
GetDesktopWindow
CreateIcon
FillRect
DeferWindowPos
GetClassInfoA
DrawFrameControl
GetDC
ClientToScreen
SetTimer
GetScrollPos
DrawIconEx
IsWindowVisible
EqualRect
SetWindowTextA
CreatePopupMenu
CharToOemA
TrackPopupMenu
CallWindowProcA
DispatchMessageA
GetMenuStringA
GetCursor
GetMenuItemInfoA
IsMenu
SystemParametersInfoA
DrawEdge
GetScrollRange
IsChild
DrawIcon
GetSysColorBrush
CharLowerBuffA
GetMenuState
GetMenuItemCount
GetCapture
GetKeyNameTextA
EndPaint
IsWindowEnabled
BeginDeferWindowPos
SetWindowPos
IsDialogMessageA
GetWindow
GetSysColor
GetFocus
GetPropA
GetActiveWindow
GetScrollInfo
EnableWindow
SetWindowLongA
EndDeferWindowPos
CharLowerA
GetSubMenu
DrawTextA
MessageBoxA
DispatchMessageW

kernel32

GetProcAddress
FreeLibrary
GetThreadLocale
GetStringTypeA
ReadFile
GetLocaleInfoA
MoveFileExA
ExitThread
GetDiskFreeSpaceA
CompareStringA
GetOEMCP
GetCurrentThreadId
GetUserDefaultLCID
CreateThread
CreateFileA
GetStartupInfoA
InitializeCriticalSection
LoadLibraryA
GlobalAlloc
WideCharToMultiByte
GetCPInfo
GetCommandLineA
LocalAlloc
GlobalDeleteAtom
GetFileSize
GetModuleHandleA
VirtualAllocEx
LocalReAlloc
GetLastError
GlobalAddAtomA
VirtualAlloc
GetCurrentThread
LocalFree
GetCurrentProcess
Sleep
lstrcmpA
FindClose
GetFileAttributesA
LoadLibraryExA
FindFirstFileA
HeapAlloc
SetEndOfFile
HeapDestroy
GetVersionExA
CreateEventA
ExitProcess
GetProcessHeap

msvcrt

memmove
malloc
clock
strcmp
wcsncmp
tolower
memcpy
wcschr
sqrt
wcscspn
exit
wcstol
memset

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e9c9efd65978125f5179e2c93566342

Headers

File Characteristics

Imports

oleaut32

gdi32

comdlg32

user32

kernel32

msvcrt

Sections

.text Size: 51KB - Virtual size: 50KB

.tls Size: 44KB - Virtual size: 44KB

.bss Size: 8KB - Virtual size: 8KB

BSS Size: 2KB - Virtual size: 1KB

.text
Size: 51KB - Virtual size: 50KB

.tls
Size: 44KB - Virtual size: 44KB

.bss
Size: 8KB - Virtual size: 8KB

BSS
Size: 2KB - Virtual size: 1KB