37417c3b5388e1ec0f7f19bf50a789a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37417c3b5388e1ec0f7f19bf50a789a4_JaffaCakes118
Size

341KB
MD5

37417c3b5388e1ec0f7f19bf50a789a4
SHA1

832b0a7acc387cf80efa3a6603a137a6732a7369
SHA256

725aa368e00365a3899eb94792d9501adb2fce8dba109a669ecb75e32c9afc74
SHA512

cd1c2f9b49a845762e0b266063b0a163d14a7a5774efb4e54c846c0c6538d7011036d4a650ed1a82e04e7186dfe9bc51a2fb781fc89edbbce83a3322ef1469ae
SSDEEP

768:s1OTjHi3mYOrrDuFr5DKgQfg02h92eSQ9wZTwSos1z8T/9WCXPf0gOtVLfl232:sgTjiWY+CFr5DIIXj2FE4osY/9Ww0NY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37417c3b5388e1ec0f7f19bf50a789a4_JaffaCakes118

Files

37417c3b5388e1ec0f7f19bf50a789a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

884f42d454bc107f39db372f0640c1af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
CreateFileA
ReadFile
GlobalFree
GlobalAlloc
GlobalLock
LoadLibraryA
FreeLibrary
GlobalDeleteAtom
GlobalAddAtomA
GlobalUnlock
FatalAppExitA
lstrlenA
lstrcpyA
CloseHandle
GetProcAddress
SetFilePointer
LCMapStringW
LCMapStringA
GetStringTypeA
HeapFree
WriteFile
HeapAlloc
HeapCreate
GetStdHandle
HeapDestroy
SetHandleCount
GetOEMCP
GetFileType
GetCPInfo
WideCharToMultiByte
GetACP
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
MultiByteToWideChar
GetModuleFileNameA
UnhandledExceptionFilter
RtlUnwind
GetCurrentProcess
TerminateProcess
ExitProcess
GetStartupInfoA
GetModuleHandleA
GetVersion
GetCommandLineA

user32

MessageBoxA
FillRect
InflateRect
CopyRect
SendMessageA
FindWindowA
GetMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
RegisterClassA
UpdateWindow
LoadIconA
GetSysColor
DefWindowProcA
PostQuitMessage
GetDlgItemTextA
SetTimer
SetWindowTextA
GetMessagePos
KillTimer
DialogBoxParamA
SetCursor
GetWindowRect
LoadCursorA
GetDlgItem
EndDialog
SetDlgItemTextA
DrawTextA
SendDlgItemMessageA
IsCharAlphaA
ShowWindow

gdi32

SetBkColor
GetStockObject
SetTextColor
DeleteObject
CreateSolidBrush
SetBkMode

Exports

Exports

AboutFnc
CallDictDialog
EnterWordFn
FreeDict
InitDict
MainWndProc

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.2rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

884f42d454bc107f39db372f0640c1af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 169KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 4KB

.2rdata Size: 72KB - Virtual size: 72KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 169KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 4KB

.2rdata
Size: 72KB - Virtual size: 72KB