12202be9b68f181bf24f51cccd634559_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12202be9b68f181bf24f51cccd634559_JaffaCakes118
Size

129KB
MD5

12202be9b68f181bf24f51cccd634559
SHA1

996b3c3bbc7565886013211c9a7a9e750ee72081
SHA256

3e09c2c0c899d774fa70157659d9c933bc032337cf9459c9558bd412a6d6006f
SHA512

5d657368e951950f503d6a578742987574acea747685f8638fdeb34f5d58ca47d4adddaff31d3f8e64a8856a4809f9b2442b539d70ecea2c46178ca06ef671da
SSDEEP

1536:71ObA4pLNhaZcOpPlLUT/YeUByiTpc2B+hDOHO1zKFDPY3zV/Qz83V9SRKt:7oA4pLN4yOTLUT/Yey+hj18DgpFbSct

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12202be9b68f181bf24f51cccd634559_JaffaCakes118

Files

12202be9b68f181bf24f51cccd634559_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbfc40caf3b1514fd5dfe979af31f709

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

tan
wcstol
_acmdln
cos
time
pow
srand
rand

comctl32

ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Read

shlwapi

PathFileExistsA
SHDeleteKeyA
PathIsContentTypeA
SHQueryValueExA
SHSetValueA
SHQueryInfoKeyA
SHDeleteValueA
SHEnumValueA
SHStrDupA
PathGetCharTypeA

user32

OpenClipboard
RemoveMenu
GetScrollInfo
RegisterClassA
OffsetRect
IsZoomed
CharNextA
WaitMessage
GetKeyboardLayoutList
CharLowerA
DefWindowProcA
FindWindowA
SetCursor
DispatchMessageA
PostMessageA
UnregisterClassA
RedrawWindow
DefFrameProcA
TranslateMessage
CreateMenu
ScreenToClient
GetDesktopWindow
GetClientRect
GetMenuItemID
ShowOwnedPopups
GetKeyboardState
ClientToScreen
MsgWaitForMultipleObjects

gdi32

CreateCompatibleBitmap
SetBkColor
CreateDIBitmap
GetDCOrgEx
SelectObject

oleaut32

OleLoadPicture

shell32

SHGetDiskFreeSpaceA

comdlg32

GetFileTitleA
FindTextA
GetOpenFileNameA

kernel32

GetModuleHandleA
GetOEMCP
WideCharToMultiByte
GetProcAddress
GetCommandLineA
MoveFileExA
GetVersion
ResetEvent
LoadLibraryA
GetDiskFreeSpaceA
GlobalDeleteAtom
GetSystemDefaultLangID
VirtualAlloc
RaiseException
ExitThread
GetCurrentProcessId
ExitProcess
LoadLibraryExA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbfc40caf3b1514fd5dfe979af31f709

Headers

File Characteristics

Imports

msvcrt

comctl32

shlwapi

user32

gdi32

oleaut32

shell32

comdlg32

kernel32

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 70KB - Virtual size: 70KB

.rdata Size: 12KB - Virtual size: 11KB

.adata Size: 2KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 70KB - Virtual size: 70KB

.rdata
Size: 12KB - Virtual size: 11KB

.adata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 9KB