54c1a4f12b2b6e376a64380b11f01828_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

54c1a4f12b2b6e376a64380b11f01828_JaffaCakes118
Size

96KB
MD5

54c1a4f12b2b6e376a64380b11f01828
SHA1

8b7868f87ba3d4e9d5febf5140bdfb48145b83f9
SHA256

ab3595ff17a28a742576f697cf333da679e71167e4d4319f9c2065bd3a5d897c
SHA512

168395d40015b78a3aa1f5a97a241ca63abcf640d11d7d260e8a9cabcb13f69cf806edfe4d402ca79baee854351d40463db8e3f1067f0419af5033d3636d5b6b
SSDEEP

1536:QCHbtoNeHxgSmCtTm7LHuK5XU9hyj3vilGGaabGK:32iWSnTiB5XUTqvilGGaeGK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54c1a4f12b2b6e376a64380b11f01828_JaffaCakes118

Files

54c1a4f12b2b6e376a64380b11f01828_JaffaCakes118
.exe windows:4 windows x86 arch:x86

534fac470a6eb4d49d0e144728dc2634

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysReAllocStringLen
GetErrorInfo
SafeArrayGetUBound
SysStringLen
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString
RegisterTypeLib
OleLoadPicture

kernel32

GetVersionExA
lstrcpyA
GetLocaleInfoA
LoadLibraryExA
FindResourceA
WaitForSingleObject
MoveFileExA
VirtualQuery
HeapDestroy
lstrcpynA
GetProcessHeap
lstrcatA
GetOEMCP
GetFullPathNameA
FreeResource
GetEnvironmentStrings
GetStdHandle
GetSystemDefaultLangID
MulDiv
LocalReAlloc
SetThreadLocale
FindClose
CompareStringA
GetVersion
VirtualAllocEx
Sleep
LoadLibraryA
GetFileSize
GetLocalTime
HeapAlloc
GetThreadLocale
GetDiskFreeSpaceA
FreeLibrary
HeapFree
lstrcmpA
GetACP
lstrlenA
FindFirstFileA
CloseHandle
ReadFile
GetCurrentThread
GetUserDefaultLCID
GetStartupInfoA
SetLastError
VirtualAlloc
GetStringTypeW
GetFileAttributesA
DeleteCriticalSection
GetModuleHandleA
GetStringTypeA
ResetEvent
LocalAlloc
EnumCalendarInfoA
SetFilePointer
FormatMessageA
GetLastError
GlobalAlloc
GetCurrentProcessId
MoveFileA
GetTickCount
SetEvent
GetFileType
CreateFileA
SetErrorMode
WideCharToMultiByte
LockResource
InitializeCriticalSection
ExitProcess

msvcrt

cos
time
log
memset
memmove
memcpy

user32

DispatchMessageW
IsWindowEnabled
MessageBoxA
GetSysColorBrush
SetWindowTextA
ClientToScreen
IsWindowVisible
CreateIcon
GetMenuStringA
GetClientRect
DrawTextA
SetCursor
GetCursor
GetMenuState
DeferWindowPos
GetScrollInfo
GetClipboardData
GetScrollRange
FrameRect
CheckMenuItem
SetWindowLongA
EndPaint
EndDeferWindowPos
CallWindowProcA
EnumThreadWindows
EnableWindow
CreateWindowExA
IsDialogMessageA
GetMenu
FillRect
DefWindowProcA
DrawIconEx
CreateMenu
CharToOemA
GetClassInfoA
GetWindow
GetWindowTextA
CreatePopupMenu
GetMenuItemCount
GetClassLongA
DispatchMessageA
GetIconInfo
DrawMenuBar
BeginPaint
DefMDIChildProcA
ShowWindow
GetMenuItemInfoA
GetScrollPos
GetDesktopWindow
GetDlgItem
GetMessagePos
DrawEdge
TrackPopupMenu
GetSysColor
FindWindowA
EqualRect
GetDCEx
DefFrameProcA
GetCapture
SetTimer
GetFocus
DrawFrameControl
GetParent
EnableScrollBar
BeginDeferWindowPos
CharLowerBuffA
CallNextHookEx
GetForegroundWindow

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

534fac470a6eb4d49d0e144728dc2634

Headers

File Characteristics

Imports

oleaut32

kernel32

msvcrt

user32

Sections

.text Size: 41KB - Virtual size: 41KB

.data Size: 4KB - Virtual size: 3KB

BSS Size: 50KB - Virtual size: 49KB

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 4KB - Virtual size: 3KB

BSS
Size: 50KB - Virtual size: 49KB