413766a5a8963f5979c2cacc41b6007a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

413766a5a8963f5979c2cacc41b6007a_JaffaCakes118
Size

179KB
MD5

413766a5a8963f5979c2cacc41b6007a
SHA1

21b7c2c40752ac3cfdbfef01a603c012766a8203
SHA256

19bfd3668887b82d0131e5fc60742553b5c5461ed9b3f2ca52386e016b2fb161
SHA512

945e2fd9bba61bbe53b92302410a4633e8effb384a3d887405db669c2ee202d71499d787eb681e58258a339d406515cde70257510efaf70f15f8279f43194387
SSDEEP

3072:uMqw+3qxa8co0BEHyK1O2riFjalAzzZUPabR7ugVpx2ra2q:u/3n8coSz4PiFLnAs1psz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
413766a5a8963f5979c2cacc41b6007a_JaffaCakes118

Files

413766a5a8963f5979c2cacc41b6007a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2b825e2634a89a289727dc00201819f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
ChooseColorA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

version

VerFindFileA

shell32

SHGetDiskFreeSpaceA

kernel32

GetVersionExA
FindFirstFileA
GetLastError
GetCPInfo
EnumCalendarInfoA
Sleep
GetLocaleInfoA
lstrcmpA
ExitThread
GetModuleHandleA
LoadLibraryExA
GetFileAttributesA
LoadResource
GetProcAddress
ExitProcess
VirtualAlloc
GlobalAlloc

gdi32

GetClipBox
SetTextColor
CreatePenIndirect
CreateDIBSection
GetPaletteEntries
GetObjectA
SetPixel
GetDIBColorTable
CreateBitmap

user32

GetKeyboardLayoutList
SetWindowsHookExA
GetCursor
SetTimer
EqualRect
GetClientRect
DrawMenuBar
PostQuitMessage
WaitMessage
OffsetRect
TranslateMessage
IsWindowVisible
GetFocus
SetCursor
RemoveMenu
IsWindow
DrawEdge
TranslateMDISysAccel
UpdateWindow
DispatchMessageW
EmptyClipboard
BeginPaint
SetWindowLongW
GetMenuItemCount
IntersectRect
GetWindowTextA
ShowOwnedPopups
InsertMenuItemA
EnableWindow

ole32

CoDisconnectObject
CoRevokeClassObject
CreateStreamOnHGlobal
GetHGlobalFromStream
CoCreateInstanceEx
WriteClassStm
OleRegGetUserType
CLSIDFromProgID
StringFromIID

oleaut32

SafeArrayGetElement

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 485B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2b825e2634a89a289727dc00201819f

Headers

File Characteristics

Imports

comdlg32

version

shell32

kernel32

gdi32

user32

ole32

oleaut32

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 139KB - Virtual size: 139KB

.tls Size: 4KB - Virtual size: 91KB

.rdata Size: 512B - Virtual size: 485B

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 139KB - Virtual size: 139KB

.tls
Size: 4KB - Virtual size: 91KB

.rdata
Size: 512B - Virtual size: 485B

.idata
Size: 2KB - Virtual size: 2KB