43650c2684c29a497a08f5871752bc76_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

43650c2684c29a497a08f5871752bc76_JaffaCakes118
Size

153KB
MD5

43650c2684c29a497a08f5871752bc76
SHA1

e593fea5c0f811b71e0439b5b52a92e59643d27d
SHA256

dc9055f4a2ba5239d24b691c610d92a801c98fc04b0f517417b50820d680193c
SHA512

cd187a35f2ef3a8030f61d033e22df68439e96d6742e800714ea21211d21ba5392c06913d832abfdc56f52a14eebeac0232515023e1911cd0692e581873f9418
SSDEEP

3072:t7w8Dtz+TnjkMa1gV8rT409CoDcROMMRaUp0C0Y//u3AJ:FwuEa1gYTl9xcAMMRaUavY/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43650c2684c29a497a08f5871752bc76_JaffaCakes118

Files

43650c2684c29a497a08f5871752bc76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5d6ab43297afcc4030f819d782e19a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
SHDefExtractIconA

kernel32

HeapDestroy
GetProcAddress
lstrcpynA
GetProcessHeap
lstrcmpA
FindFirstFileA
GlobalFindAtomA
GlobalAddAtomA
GetFileAttributesA
GetCurrentThread
MulDiv
ExitProcess
EnumCalendarInfoA
EnterCriticalSection
CloseHandle
GetCommandLineA
GetFullPathNameA
GetFileSize
GetLocalTime
FindResourceA
WaitForSingleObject
HeapFree
GetCPInfo
DeleteFileA
ResetEvent
GetLocaleInfoA
Sleep
SetEndOfFile
GetDiskFreeSpaceA
LocalReAlloc
ExitThread
lstrlenA
LoadResource
SetHandleCount
GlobalAlloc
RaiseException
GetDateFormatA
GetStringTypeW
GetCurrentProcess
SetThreadLocale
CreateEventA
CompareStringA
GetVersion
SetLastError
GetACP
GetModuleFileNameA
GetCurrentThreadId
VirtualAlloc
GetEnvironmentStrings
GetVersionExA
FreeLibrary
SetErrorMode
LoadLibraryA
InitializeCriticalSection
GetThreadLocale
lstrcpyA
GetTickCount
GetCurrentProcessId
LocalAlloc
GetStringTypeA

user32

EnableMenuItem
GetClassInfoA
DefWindowProcA
CreateIcon
GetKeyState
GetCursor
SetWindowTextA
GetFocus
GetLastActivePopup
CreateMenu
RegisterClassA
DrawIcon
CreatePopupMenu
GetMessagePos
GetParent
DrawIconEx
GetClipboardData
CallWindowProcA
ShowWindow
EqualRect
SetCursor
SetTimer
EnableWindow
FrameRect
BeginDeferWindowPos
DrawEdge
GetDlgItem
GetPropA
EnumWindows
DrawFrameControl
CharLowerA
IsWindowEnabled
GetKeyNameTextA
GetCapture
GetDCEx
DrawMenuBar
GetCursorPos
EndDeferWindowPos
EnumChildWindows
GetDC
TrackPopupMenu
GetScrollPos
ShowScrollBar
DispatchMessageA
GetWindow
GetScrollRange
GetIconInfo
CallNextHookEx
GetMenuItemCount
GetSysColorBrush
IsDialogMessageA
DeferWindowPos
GetSubMenu
DispatchMessageW
DefMDIChildProcA
GetDesktopWindow
GetMenuState
GetMenuItemID
IsWindowVisible
IsChild
GetSysColor
BeginPaint
EnumThreadWindows

comdlg32

GetOpenFileNameA

version

VerFindFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

StrTrimA
PathGetCharTypeA
SHSetValueA

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 129KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c5d6ab43297afcc4030f819d782e19a1

Headers

File Characteristics

Imports

shell32

kernel32

user32

comdlg32

version

shlwapi

Sections

CODE Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.edata Size: 129KB - Virtual size: 221KB

BSS Size: 5KB - Virtual size: 4KB

.bss Size: 2KB - Virtual size: 1KB

CODE
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.edata
Size: 129KB - Virtual size: 221KB

BSS
Size: 5KB - Virtual size: 4KB

.bss
Size: 2KB - Virtual size: 1KB