10e3d412f874ada712850065e055d16e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10e3d412f874ada712850065e055d16e_JaffaCakes118
Size

26KB
MD5

10e3d412f874ada712850065e055d16e
SHA1

4ee94e3e0093a98d52040127ffd7e5a15ddd68c9
SHA256

7fd45a31effad1aab69701f60290ac35adb40c1f8dd7322631a1f944a7f80684
SHA512

8281afce4eb58906caae7c2780ee3b143ca6e848c76b1ebd86229d60ec13e4cf8f3f912abcc816b1f454ed356cc5fb4b1c2b7fe6853bd9aa160e03057e9c16b2
SSDEEP

768:cLwUrxZo5IbVWtgn+XZzgqGYZbeEusbE9lDbWKI12xGQd:c0UrxZobtaIZzg0ZxuX9lDbWKvvd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10e3d412f874ada712850065e055d16e_JaffaCakes118

Files

10e3d412f874ada712850065e055d16e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4997939c008b74125799065f4ceae606

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetStartupInfoA
CloseHandle
GetExitCodeThread
WaitForSingleObject
WriteFile
ReadFile
SetFilePointer
GetFileSize
CreateFileA
lstrcatA
GetSystemDirectoryA
MoveFileExA
DeleteFileA
CreateThread
CreateRemoteThread
GetProcAddress
GetModuleHandleA
GetLastError
WaitForMultipleObjects
WinExec
lstrcpyA
CreateProcessA
GetTickCount
CreateEventA
GetCurrentProcessId
FreeLibrary
SetEvent
LoadLibraryA
GetVersionExA
OutputDebugStringA
FormatMessageA
GetCurrentThreadId
GetLocalTime
ReleaseMutex
LocalFree
DeviceIoControl
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
OpenProcess
WriteProcessMemory
GetSystemTimeAsFileTime
TerminateProcess
TerminateThread
ExitProcess
GetCommandLineA
ReadProcessMemory

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

hlink

ord3
ord5
ord4

msvcr71

__set_app_type
_exit
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_controlfp
_strupr
_XcptFilter
_ismbblead
_cexit
?terminate@@YAXXZ
memmove
??3@YAXPAX@Z
??_V@YAXPAX@Z
__CxxFrameHandler
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
_vsnprintf
sprintf
malloc
_callnewh
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
__security_error_handler
_except_handler3
??1type_info@@UAE@XZ
__dllonexit
_onexit
_c_exit
exit

shlwapi

StrStrIA
StrStrA
PathFileExistsA

user32

FindWindowExW
FindWindowExA
FindWindowW
FindWindowA
GetWindowTextW
GetWindowTextA
SendMessageW
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowsHookExW
AttachThreadInput
DdeCreateDataHandle
SendMessageA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rebld_r
Size: 912B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rebld_i
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4997939c008b74125799065f4ceae606

Headers

File Characteristics

Imports

kernel32

advapi32

hlink

msvcr71

shlwapi

user32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 864B

.rsrc Size: 1024B - Virtual size: 920B

.rebld_r Size: 912B - Virtual size: 912B

.rebld_i Size: 2KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 864B

.rsrc
Size: 1024B - Virtual size: 920B

.rebld_r
Size: 912B - Virtual size: 912B

.rebld_i
Size: 2KB - Virtual size: 2KB