453f9c57bf062fcc63500296dfe73031_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

453f9c57bf062fcc63500296dfe73031_JaffaCakes118
Size

52KB
MD5

453f9c57bf062fcc63500296dfe73031
SHA1

a48a8fd55618fbefe128e821919e6850dad1e5e9
SHA256

d29c830721963b524a4ca681cf1103aa19ff3288d1b59bc4496284d4f4b6463b
SHA512

4088093bfede00fabf5659881e89f5b9e240de87d88958c9c63636d473525c25b14f8d4fbc85d2f87a21b5c668ab3cc6475ac46b222e53b6ae2e8bef5351028a
SSDEEP

768:1kmzGUzUQK+LZ4LxWh/PDYOrEMyVGAAPvprf+XEg5aZVHB:1kMYQKzLS/szMyoAA5rf+0yazHB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
453f9c57bf062fcc63500296dfe73031_JaffaCakes118

Files

453f9c57bf062fcc63500296dfe73031_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58fb8c51d913445df0698af1c002dfdc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyIcon
GetKeyboardLayout
LoadBitmapA
DrawFocusRect
GetWindowDC
CheckMenuItem
GetParent
GetClientRect
GetLastActivePopup
SetForegroundWindow
CreatePopupMenu
InsertMenuA
SetActiveWindow
TrackPopupMenuEx
PostQuitMessage
MapWindowPoints
wsprintfA
SystemParametersInfoA
GetSysColor
DrawTextA
CreateIconIndirect
CreateWindowExA
ShowWindow
LoadStringA
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassExA
TranslateMessage
DispatchMessageA
WinHelpA
GetKeyboardLayoutList
GetMessageA
GetClassNameA
FindWindowA
EnumChildWindows
GetDC
ReleaseDC
GetWindowThreadProcessId
AttachThreadInput
MessageBeep
DefWindowProcA
PostMessageA
DestroyWindow
IsWindow
GetMessagePos
GetSystemMetrics

kernel32

GetProcAddress
lstrcpynA
WinExec
GetStartupInfoA
GetModuleHandleA
ExitProcess
GetLocaleInfoA
FreeLibrary
lstrlenA
LocalAlloc
lstrcpyA
LocalFree
lstrcmpA
LoadLibraryA

gdi32

TranslateCharsetInfo
GetObjectA
BitBlt
GetTextExtentPointA
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SetTextColor
ExtTextOutA
GetStockObject
PatBlt
SelectObject
DeleteDC
DeleteObject
GetTextCharsetInfo

shell32

Shell_NotifyIconA

comctl32

ord334
ord332
ord328
ImageList_Destroy
ord329
ImageList_GetIcon
ImageList_Draw
ImageList_Create
ImageList_ReplaceIcon
ImageList_Remove

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4src
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58fb8c51d913445df0698af1c002dfdc

Headers

File Characteristics

Imports

user32

kernel32

gdi32

shell32

comctl32

advapi32

Sections

.text Size: 32KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 800B

.idata Size: 4KB - Virtual size: 2KB

.4src Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 864B

.text
Size: 32KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 800B

.idata
Size: 4KB - Virtual size: 2KB

.4src
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 864B