2a82cd8a3997773020422d459f481207_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2a82cd8a3997773020422d459f481207_JaffaCakes118
Size

107KB
MD5

2a82cd8a3997773020422d459f481207
SHA1

a7b1ca15154e63ff2bdeac218bce75dc6b4f7055
SHA256

123697921a0961aed482016675eb715c8ab2392a37330879d146a2678200f5f4
SHA512

c5796921fc3b9b72d3deb283fd9ba24db7c686e4848325d39410cd853ff59489a475d7c4ee704352f524f2bb2a399b23217ee583a95e117abd8d3dee46d84751
SSDEEP

1536:RSPjD2fIz/tZk9cUSxaVXNSvhZlWzjbH++dRxRDFv:RGj/ZkSUSojSobP3vDFv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a82cd8a3997773020422d459f481207_JaffaCakes118

Files

2a82cd8a3997773020422d459f481207_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b884e15c8c2647b35dd469ce5f605ad5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerFindFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetLocalTime
lstrcpynA
GlobalDeleteAtom
SetErrorMode
lstrlenA
GetDiskFreeSpaceA
GetCurrentThread
GetModuleFileNameA
VirtualAlloc
CloseHandle
LocalAlloc
GetThreadLocale
LoadLibraryA
GetOEMCP
GetProcAddress
ResetEvent
FindFirstFileA
GetModuleHandleA
GetVersionExA
ReadFile
GetStdHandle
FreeLibrary
GetCurrentProcess
EnterCriticalSection
ExitProcess
FreeResource
GetSystemDefaultLangID
GetCPInfo
GlobalFindAtomA
lstrcmpiA
GetProcessHeap
SetEvent
HeapDestroy
SetHandleCount
CreateThread
GetFileSize
CompareStringA
GlobalAlloc
WideCharToMultiByte
WaitForSingleObject
SizeofResource
GetFullPathNameA
GetStringTypeW
MoveFileExA
MulDiv
ExitThread
DeleteCriticalSection
GetCurrentThreadId
RaiseException
SetThreadLocale
SetLastError
GlobalAddAtomA
LocalReAlloc
FindClose
lstrcpyA
SetFilePointer
InitializeCriticalSection
FormatMessageA
HeapAlloc
GetACP
CreateFileA
FindResourceA
EnumCalendarInfoA
VirtualFree
GetLocaleInfoA
LockResource

msvcrt

log
malloc
memcpy

user32

GetDC
GetMenuItemID
DrawIconEx
FindWindowA
EnumWindows
GetPropA
GetClassInfoA
BeginDeferWindowPos
GetSysColorBrush
GetDesktopWindow
GetWindowTextA
EnumChildWindows
GetWindow
EnableWindow
GetActiveWindow
CallNextHookEx
DefMDIChildProcA
GetMenuItemCount
DefFrameProcA
MessageBoxA
DrawTextA
GetKeyState
EnableMenuItem
DrawMenuBar
GetParent
CreateWindowExA
EndPaint
GetClientRect
GetMenuState
FrameRect
GetMessagePos
SetWindowLongA
CreateIcon
IsWindowVisible
GetIconInfo
CreatePopupMenu
CharToOemA
CharNextA
GetSubMenu
HideCaret
SystemParametersInfoA
GetFocus
TrackPopupMenu
ShowWindow
EndDeferWindowPos
FillRect
CharLowerA
DrawFrameControl
GetCursor
EnableScrollBar
CharLowerBuffA
GetMenu
IsWindowEnabled
IsMenu
EnumThreadWindows
DrawEdge
CallWindowProcA
SetWindowPos
CreateMenu
SetTimer
GetMenuItemInfoA
GetCapture
SetWindowTextA
GetClipboardData
GetMenuStringA

Sections

CODE
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 754B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b884e15c8c2647b35dd469ce5f605ad5

Headers

File Characteristics

Imports

version

kernel32

msvcrt

user32

Sections

CODE Size: 41KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 57KB - Virtual size: 57KB

.idata Size: 2KB - Virtual size: 1KB

.edata Size: 1024B - Virtual size: 754B

CODE
Size: 41KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 57KB - Virtual size: 57KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 1024B - Virtual size: 754B