05cfd8e75fcba310cb740838d9b45806_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

05cfd8e75fcba310cb740838d9b45806_JaffaCakes118
Size

2.2MB
MD5

05cfd8e75fcba310cb740838d9b45806
SHA1

a44112a28f7ea37c9f2c7e2a00216e66bc3d1f2f
SHA256

fbb58d6ec58247f57e9443e72b08e7425a7f9f831d52e226ffce4c32d79384ad
SHA512

b6c64afcfa7089567830746eff1b50bb756f67b9133292c1c7d6d420a70835caf6b21d7f371b80df5e6bbb3d0578c2540dbc2edeaa60342e39d7d992180471b4
SSDEEP

49152:l4WM2U1ilTGNWmoqOI1rix8ITVXg3IBieZBIb+yFAxl+sz45Xevkq:l4WM2yilyW7a1ri66Xg3IBzTIb+ycl+Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05cfd8e75fcba310cb740838d9b45806_JaffaCakes118

Files

05cfd8e75fcba310cb740838d9b45806_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c483f73d416893c74dfcd711adb9477

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessA
GetPriorityClass
GetCurrentProcess
DeleteFileA
SetFileAttributesA
ResumeThread
GetCurrentThreadId
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
ReadFile
GetFileSize
MoveFileA
GetShortPathNameA
GetWindowsDirectoryA
SetLastError
GetExitCodeProcess
CreateFileA
WriteFile
LocalFree
GetProcAddress
GetTempPathA
EnumResourceNamesA
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcmpiA
GetModuleFileNameA
FreeLibrary
LoadLibraryA
lstrcpyA
lstrlenA
lstrcatA
lstrlenW
WideCharToMultiByte
HeapAlloc
GetModuleHandleA

user32

SetWindowTextA
GetSystemMetrics
EndDeferWindowPos
DeferWindowPos
ScreenToClient
BeginDeferWindowPos
PostMessageA
CharNextA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
GetSysColor
LoadStringA
GetClientRect
GetDC
LoadCursorA
SetCursor
SetWindowLongA
GetWindowTextA
EndDialog
SetTimer
InvalidateRect
UpdateWindow
DefWindowProcA
RedrawWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendMessageA
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
KillTimer
ReleaseDC
DialogBoxParamA
LoadImageA
wsprintfA

gdi32

GetDeviceCaps
CreateHalftonePalette
DeleteObject
UpdateColors
SetTextColor
SelectPalette
CreateFontIndirectA
CreateCompatibleDC
GetObjectA
DeleteDC
RealizePalette
BitBlt
SelectObject

advapi32

RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit
VariantClear

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c483f73d416893c74dfcd711adb9477

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 3.1MB - Virtual size: 3.1MB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 3.1MB - Virtual size: 3.1MB