55a75711a312982cddf484f1aaa12882_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

55a75711a312982cddf484f1aaa12882_JaffaCakes118
Size

180KB
MD5

55a75711a312982cddf484f1aaa12882
SHA1

462f8a8014a3fc18db3d1cfb8fbcebea05eea01b
SHA256

7960430478fe304201adef22e216903f36382d492ffbb4a65687d75ce1b83cf5
SHA512

a635cf89e273b435d31c1acd6befad1ebd3e227644a4adcac33b2ebb9c13a71f9a8c8fc3089790a07f7366c13751866c94711585674c0b5569be0f8ca285bbb1
SSDEEP

768:zsgeejO137GFgLP5unlNnhv5222222250ngInAxBkFew:znc7Cgd6/p52222222mew

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55a75711a312982cddf484f1aaa12882_JaffaCakes118

Files

55a75711a312982cddf484f1aaa12882_JaffaCakes118
.exe windows:4 windows x86 arch:x86

288a7ca20e06a3f2e18f9949cd9041f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
lstrlenA
lstrcpynA
GetWindowsDirectoryA
SetErrorMode
FindResourceA
LoadResource
lstrcpyA
lstrcatA
OpenFile
GetSystemDirectoryA
LockResource
GetModuleFileNameA
GetCommandLineA
lstrcmpA
GetVersionExA
GetProcAddress
VirtualAlloc
HeapAlloc
HeapFree
GetStringTypeW
GetStringTypeA
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA

user32

FindWindowA
DefDlgProcA
ShowWindow
DialogBoxParamA
LoadStringA
CharNextA
UpdateWindow
InvalidateRgn
DefWindowProcA
EndPaint
DrawFocusRect
GetFocus
GetDlgCtrlID
GetClientRect
BeginPaint
GetSysColor
SetWindowLongA
GetWindowRect
GetSystemMetrics
GetDC
ReleaseDC
SetWindowPos
LoadIconA
LoadCursorA
RegisterClassA
EndDialog
SetWindowTextA
CheckDlgButton
GetWindowLongA
GetAsyncKeyState
GetParent
PostMessageA
CallWindowProcA
GetDlgItem
GetLastActivePopup
SetForegroundWindow
MessageBoxA

gdi32

TextOutA
GetDeviceCaps
Rectangle
SelectObject
SetTextColor
SetBkColor
CreatePen
CreateSolidBrush
DeleteObject
StretchDIBits
CreateFontA
GetTextExtentPoint32A

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA

Exports

Exports

ButtonProc
CdromMenuDlgProc
ConfirmDlgProc
TStaticControlProc
WndProc

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adate
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

288a7ca20e06a3f2e18f9949cd9041f9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 9KB - Virtual size: 11KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 136KB - Virtual size: 152KB

.adate Size: 13KB - Virtual size: 13KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 9KB - Virtual size: 11KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 136KB - Virtual size: 152KB

.adate
Size: 13KB - Virtual size: 13KB