10a99ed0ec09259f088e337258daf8fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10a99ed0ec09259f088e337258daf8fd_JaffaCakes118
Size

331KB
MD5

10a99ed0ec09259f088e337258daf8fd
SHA1

032cbfbf884c699e1440e1ea14a89aec75a4a55e
SHA256

c02c3a8c3aa3b06a493112ddd26f429e7140bd6537165e70bd66b5d8521daa4b
SHA512

c58d64f28e2fe506b105fba3bed4a14907eee7f358a24a830a6b5741cad3f81b52246da41454b9be87939cda1b225818aaab944b47d7f5aaea633c08d9394a10
SSDEEP

6144:ulDcgDmUvwuntYOqtTlv3oyw08svg4XjcdGP+0hD3514+kJmUjmTXpfFXWkIdNG7:ud7yUBPqFlv33DY4XjcwP+0Fp1CcUjmN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10a99ed0ec09259f088e337258daf8fd_JaffaCakes118

Files

10a99ed0ec09259f088e337258daf8fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

326a4c3a1bd1ac38904ee1ae707392ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LookupIconIdFromDirectory
DialogBoxParamA
CreateWindowExA
SetForegroundWindow
SetSysColors
DeferWindowPos
GetSysColor
ShowWindowAsync
SetWindowPlacement
IsChild
SetWindowPos
CreateDialogParamA
GetWindow
GetForegroundWindow
GetDesktopWindow

oledlg

ord7
ord4
ord6
ord8
ord5
ord11
ord9
ord12
ord2
ord3
ord10
ord1

gdi32

FloodFill
CloseEnhMetaFile
CopyEnhMetaFileA
GdiSetBatchLimit
Ellipse
DeleteDC
Arc
ExtCreateRegion
CreateFontW
GetBkColor
CreateCompatibleDC

advapi32

BackupEventLogW
RegLoadKeyA
RegSetValueExA
CloseEventLog
RegEnumValueA
RegCreateKeyExA
AccessCheck
RegOverridePredefKey

kernel32

LocalUnlock
GetStartupInfoA
OpenMutexA
WriteProfileStringA
GetModuleHandleA
GetProcAddress
CloseHandle
VirtualAlloc
WriteProfileSectionA
CompareStringA
GetNumberFormatA
GetUserDefaultLangID
HeapFree
HeapCreate
HeapUnlock
LocalHandle
CreateEventA
GlobalMemoryStatus
HeapReAlloc
IsValidLocale

winmm

PlaySoundA

netapi32

NetConfigGet
NetGetJoinableOUs
Netbios
NetAuditRead
NetGroupAddUser
NetConnectionEnum
NetGroupAdd
NetErrorLogRead
NetFileGetInfo
NetConfigGetAll
NetLocalGroupEnum
NetAuditWrite
NetGetAnyDCName
NetFileEnum
NetFileClose

aclui

ord2
ord1

activeds

ord8
ord16
ord4
ord23
ord14
ord22
ord7
ord9
ord12
ord18
ord15
ord6
ord17
ord13

msvcrt

_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
exit
_acmdln
__getmainargs
_exit

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

326a4c3a1bd1ac38904ee1ae707392ed

Headers

File Characteristics

Imports

user32

oledlg

gdi32

advapi32

kernel32

winmm

netapi32

aclui

activeds

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 313KB - Virtual size: 313KB

.data Size: 512B - Virtual size: 102KB

.tls Size: 512B - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 313KB - Virtual size: 313KB

.data
Size: 512B - Virtual size: 102KB

.tls
Size: 512B - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 4KB