25b7ea28a3f14edc5da4123cf0687629_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25b7ea28a3f14edc5da4123cf0687629_JaffaCakes118
Size

94KB
MD5

25b7ea28a3f14edc5da4123cf0687629
SHA1

e6ee1571739dcb29b6d64e86b7553f618f42b58e
SHA256

774fc5f8958bc4201258729a40d2e819e5dc8db7c88b34aa9632d8bafd24cd68
SHA512

2b403d0fcd54a836720df221799633ecf24874cbe4e8b39e646e9c8bcca070efb8dcf4db38df9b8e9ab936a4ac532071122a606b8c9dccf1c6d2f6f05e9e1467
SSDEEP

1536:mUDMuPjr4dJD93/2tG2Z04sz2t2bRrH1vpDt6HRRj10JJSzm:QuPMJD93e5ZBoJRvt6nj10Jk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25b7ea28a3f14edc5da4123cf0687629_JaffaCakes118

Files

25b7ea28a3f14edc5da4123cf0687629_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eabf92d9bdab158d5dca358e6a63a1c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_except_handler3

kernel32

HeapAlloc
GetCurrentProcess
HeapFree
VirtualFree
GetProcessHeap
TlsSetValue
TerminateThread
TerminateProcess
VirtualAlloc
LoadLibraryA
OpenThread
GetExitCodeThread
GetModuleHandleA
GetCurrentThreadId
SuspendThread
ResumeThread
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
CloseHandle
TlsGetValue

user32

CreateWindowExA
PostMessageA
MoveWindow
GetWindowRect
DrawTextA
GetWindow
ModifyMenuA
SetScrollInfo
SetMenuItemInfoA
UpdateWindow
SetWindowTextA
GetMenuInfo
GetMenuItemCount
GetActiveWindow
ShowWindow
LoadAcceleratorsA
GetMenuItemInfoA
TranslateAcceleratorA
GetWindowLongA
GetScrollInfo
SetWindowLongA
GetMenu
GetForegroundWindow
TranslateMessage
GetSubMenu
GetMenuItemID
ScreenToClient
GetMessageA
GetWindowInfo
GetDC
ReleaseDC
SetWindowPos
FindWindowA
InvalidateRect
SendMessageA

gdi32

LineTo
DeleteDC
SelectObject
CreateCompatibleDC
Polyline
CreatePen
MoveToEx
BitBlt

Exports

Exports

?WindowHandle@@YGPAXXZ

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_winoc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eabf92d9bdab158d5dca358e6a63a1c5

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 4B

.idata Size: 2KB - Virtual size: 2KB

.cdata Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 80KB - Virtual size: 80KB

_winoc Size: 512B - Virtual size: 436B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 4B

.idata
Size: 2KB - Virtual size: 2KB

.cdata
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 80KB - Virtual size: 80KB

_winoc
Size: 512B - Virtual size: 436B