0de84a3807900ac68d1f6e0875c6941b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0de84a3807900ac68d1f6e0875c6941b_JaffaCakes118
Size

328KB
MD5

0de84a3807900ac68d1f6e0875c6941b
SHA1

1b10c4f77da105e20ff10a6aba5de1f6f3229d8d
SHA256

107dab65149ba7f77f0d8341fc0276bcb39782bc6df1308af970a294401067cd
SHA512

36893b54ffc6667dbf3b2e49419aa7604ed2ae027b2be22db55de13d8b7c7fa8d06e97c4db1bc339a4f787c90ef45777d8c5a431e9a56942c7fa1a4c2fb42e0c
SSDEEP

6144:LV3NlYQGajbev/lCRM2k1Pt+LCJ8kOp4x1mMwO9eGGxMbaCw3ovUIb:LV3XtRjb8tt2kT+LBXpDMjefxOaCw3o5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0de84a3807900ac68d1f6e0875c6941b_JaffaCakes118

Files

0de84a3807900ac68d1f6e0875c6941b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d521631a8a7a7b739474744b9da39aef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalHandle
GlobalReAlloc
GlobalUnlock
LoadResource
LockResource
GetTickCount
SetThreadPriority
Sleep
WinExec
_hread
_lopen
lstrcmpA
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetCurrentThreadId
GetCurrentThread
FindResourceA
LoadLibraryExA
GetProcAddress
QueryPerformanceCounter
VirtualAlloc

user32

DialogBoxIndirectParamA
DialogBoxParamA
DispatchMessageA
DrawMenuBar
DrawTextA
EnableMenuItem
EnableWindow
EndDialog
FillRect
FindWindowA
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetKeyNameTextA
CreateWindowExA
GetMessageA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
GetWindowTextA
InvalidateRect
IsIconic
IsWindowVisible
LoadBitmapA
LoadStringA
MapVirtualKeyA
MessageBeep
MessageBoxA
MoveWindow
DestroyWindow
PostMessageA
RedrawWindow
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetCapture
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UnregisterClassA
UpdateWindow
WinHelpA
wsprintfA
CheckMenuItem
ChangeDisplaySettingsA
BeginPaint
GetClientRect
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
PeekMessageA
DeleteMenu
LoadCursorA
GetMenu

gdi32

LineTo
PlayEnhMetaFile
Rectangle
CreateEnhMetaFileA
MoveToEx
CloseEnhMetaFile
DeleteEnhMetaFile

shell32

ShellAboutA

comctl32

InitCommonControlsEx

msvcrt

memset

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdataT2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdataT1
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdataT
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d521631a8a7a7b739474744b9da39aef

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

msvcrt

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 314KB - Virtual size: 313KB

.rdataT2 Size: 512B - Virtual size: 100B

.rdataT1 Size: 512B - Virtual size: 100B

.rdataT Size: 512B - Virtual size: 100B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 314KB - Virtual size: 313KB

.rdataT2
Size: 512B - Virtual size: 100B

.rdataT1
Size: 512B - Virtual size: 100B

.rdataT
Size: 512B - Virtual size: 100B

.rsrc
Size: 2KB - Virtual size: 2KB