0d389e92cc90bdca11b0681ed20d3831_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d389e92cc90bdca11b0681ed20d3831_JaffaCakes118
Size

680KB
MD5

0d389e92cc90bdca11b0681ed20d3831
SHA1

fff769761b701313b68f73ffd7cefc01540eeacf
SHA256

1a403fd99c9041f50edd98bf0bb5dc65c2c85b445ff14a5e30d7730bc007705f
SHA512

be68bfd81c818156e27d0e0e3cbd0691ec9da7311c92affce521a9d2d0b4ceb4d3c09534582f1475f41b8f7d5751433340d3d001cc1a8a3993961bd56d2b7c72
SSDEEP

12288:NBtCCs8JOM8jklGEXH7sA8h+Y1rzFZVvefL6vrDIOA3Q2/VXMidw0wsDmlxpbbZB:NfCsWnFTveziiQ08AwDtXZCrS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d389e92cc90bdca11b0681ed20d3831_JaffaCakes118

Files

0d389e92cc90bdca11b0681ed20d3831_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f27b4340223bb03861898a6cf966004a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
LoadStringA
PostQuitMessage
EndPaint
BeginPaint
UpdateWindow
GetWindowRect
DestroyWindow
DispatchMessageA
TranslateMessage
PeekMessageA
InvalidateRect
ShowWindow
MessageBoxA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
SetWindowPos
ReleaseDC
GetDC
GetTopWindow
GetWindow
GetWindowLongA
GetWindowThreadProcessId
GetActiveWindow
ChangeDisplaySettingsA
GetClassLongA
GetClientRect
IsWindowVisible
ClientToScreen
GetCursorPos
ScreenToClient
ShowCursor
SetCursor
UnregisterClassA
wsprintfA
GetSystemMetrics

gdi32

DeleteDC
SetStretchBltMode
StretchBlt
CreateCompatibleBitmap
GetDIBits
DeleteObject
CreateCompatibleDC
CreateDIBSection
PatBlt
SelectObject
GetPixel
SetPixel
GetDeviceCaps
GetTextExtentPoint32A
SetTextColor
SetBkColor
SetTextAlign
ExtTextOutA

winmm

timeGetTime

kernel32

GlobalAlloc
CreateThread
GetModuleHandleA
GetProfileStringA
VirtualAlloc
GetStringTypeW
GetStringTypeA
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RaiseException
HeapSize
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
GetCurrentProcess
TerminateProcess
HeapFree
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleFileNameA
RtlUnwind
GlobalLock
GlobalFree
GlobalUnlock
GlobalHandle
CloseHandle
Sleep
SetFilePointer
CreateFileA
SetErrorMode
GetProcAddress
LoadLibraryA
FreeLibrary
GetCurrentProcessId
ReadFile

shell32

ShellExecuteA

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f27b4340223bb03861898a6cf966004a

Headers

File Characteristics

Imports

user32

gdi32

winmm

kernel32

shell32

Sections

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 20KB - Virtual size: 75KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 20KB - Virtual size: 75KB

.rsrc
Size: 3KB - Virtual size: 3KB