28a5ac76f119f104e5b9ba8b8978b838_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28a5ac76f119f104e5b9ba8b8978b838_JaffaCakes118
Size

94KB
MD5

28a5ac76f119f104e5b9ba8b8978b838
SHA1

6c76e3bb306a24c3fcd35939324b4840b9283252
SHA256

d3c43c4a95d42c35ebc82eac7802cb2716b9d2cecd1546e12695de036c21d9ef
SHA512

e1a5ea5474c0c4a935b3e75ea63967c84eb9b605dbfe2bac41b0f86252a9143ee488a7ebbd2b8ab57c9b6601fc4a619aa7fd3c4086ad6a21079392db350e2491
SSDEEP

1536:x03JGdo4T4CWbNNsDd+F2SuEjO+veaXNFcw587I324zTIu:CZGxInsZ+F2SuEpeanf58kG4zU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28a5ac76f119f104e5b9ba8b8978b838_JaffaCakes118

Files

28a5ac76f119f104e5b9ba8b8978b838_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69512543fe082ab7a44bbeb96c1cf823

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
CreateFontA
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
GetObjectA
Rectangle
SelectObject
SetBkMode
SetTextColor

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreatePipe
CreateProcessA
CreateToolhelp32Snapshot
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
GetCommandLineA
GetCurrentProcess
GetFileAttributesA
GetFileSize
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetTempPathA
GetTickCount
InitializeCriticalSection
InterlockedExchange
InterlockedExchangeAdd
LeaveCriticalSection
LoadLibraryA
LocalAlloc
MoveFileA
MultiByteToWideChar
Process32First
Process32Next
ReadFile
SetCurrentDirectoryA
SetEvent
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateThread
WaitForSingleObject
WriteFile
lstrcmpiA

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_beginthreadex
_cexit
_iob
_onexit
_setmode
atexit
calloc
free
malloc
memcpy
rand
realloc
signal
sprintf
srand
strcat
strcmp
strcpy
strlen
strrchr
strstr

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

user32

BeginPaint
CreateWindowExA
DefWindowProcA
DeleteMenu
DestroyWindow
DialogBoxIndirectParamA
DispatchMessageA
DrawTextA
EndDialog
EndPaint
GetDC
GetDlgItem
GetMessageA
GetSystemMenu
GetWindowRect
GetWindowTextA
InvalidateRect
IsIconic
IsWindowVisible
KillTimer
LoadCursorA
MessageBoxA
MoveWindow
PostMessageA
PostQuitMessage
RedrawWindow
RegisterClassExA
ReleaseDC
SetActiveWindow
SetFocus
SetTimer
SetWindowLongA
SetWindowTextA
ShowWindow
SystemParametersInfoA
TranslateMessage

wininet

HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetSetOptionA

ws2_32

WSAStartup

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 42KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

69512543fe082ab7a44bbeb96c1cf823

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

rpcrt4

user32

wininet

ws2_32

Sections

.text Size: 44KB - Virtual size: 44KB

.data Size: 16KB - Virtual size: 16KB

.rdata Size: 22KB - Virtual size: 21KB

.bss Size: - Virtual size: 42KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 44KB

.data
Size: 16KB - Virtual size: 16KB

.rdata
Size: 22KB - Virtual size: 21KB

.bss
Size: - Virtual size: 42KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 5KB