10cec401f69ed25d2389f0a534b168bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10cec401f69ed25d2389f0a534b168bb_JaffaCakes118
Size

190KB
MD5

10cec401f69ed25d2389f0a534b168bb
SHA1

84897c8404869a1eaa238d5df9a792c9b9c52f3e
SHA256

a537592d8df34fea0c970b9dbe6927574374a53fd3f43e879ce431bea20843fb
SHA512

ebee7f0b21521242d9651befa999423d074643c44b16bf26ea9f22bf2537ba2ae2d4aebe4ebac9fe6876719ed9bafbb012be7f08d62b57b243597865b3c3de77
SSDEEP

3072:DUdB8d1ppqnDkMFVlc+iVc8RTzYJAp9WTE8f5iWWH9a+0fNpf7faP8S8a:DUv61IV1ccJNTDYH9R8pf7y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10cec401f69ed25d2389f0a534b168bb_JaffaCakes118

Files

10cec401f69ed25d2389f0a534b168bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78ec899840a716c467a0001e821e45e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MapWindowPoints
CharNextA
UnhookWindowsHookEx
MessageBoxA
DrawAnimatedRects
GetFocus
EnumWindows
DestroyIcon
ShowWindow
SetRect
SetPropA
EmptyClipboard

kernel32

LocalAlloc
GetModuleHandleA
GetCurrentThreadId
GetCurrentThread
ExitProcess
SetEvent
ReadFile
GetLastError
LoadLibraryA
GetProcessHeap
GetACP
WaitForSingleObject
GetStdHandle
GlobalAlloc
SetLastError
WriteFile
GetModuleFileNameA
FindFirstFileA
Sleep
DeleteCriticalSection
VirtualAllocEx
ExitThread
MulDiv
HeapAlloc
GlobalAddAtomA
FreeResource
GetDateFormatA
SetFilePointer
GetVersionExA
GetFileType
MoveFileExA
SetHandleCount
GetCommandLineA
VirtualQuery
GetEnvironmentStrings
CloseHandle
GlobalDeleteAtom
GetUserDefaultLCID
GetLocaleInfoA
GetCurrentProcessId
FormatMessageA
ResetEvent
RaiseException
GetOEMCP
GetVersion
GetFileSize
FindClose
GetStringTypeA
GetProcAddress
SetEndOfFile
lstrcmpiA
GlobalFindAtomA
CreateFileA
lstrcatA
LoadLibraryExA
DeleteFileA
SetErrorMode
GetSystemDefaultLangID

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 1024B - Virtual size: 671B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78ec899840a716c467a0001e821e45e2

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 132KB - Virtual size: 131KB

.rdata Size: 3KB - Virtual size: 87KB

.idata Size: 512B - Virtual size: 366B

.gdata Size: 1024B - Virtual size: 671B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 132KB - Virtual size: 131KB

.rdata
Size: 3KB - Virtual size: 87KB

.idata
Size: 512B - Virtual size: 366B

.gdata
Size: 1024B - Virtual size: 671B

.rsrc
Size: 10KB - Virtual size: 10KB