572df869f17d9daa94109f4760518611_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

572df869f17d9daa94109f4760518611_JaffaCakes118
Size

129KB
MD5

572df869f17d9daa94109f4760518611
SHA1

2aa43b31e2c4e937648a646cdc48fdc98d3ee453
SHA256

e733b06620a358c8024c223ff99b35395db3b7ee8062c5e47872c07d07ea111f
SHA512

1013a1c6bc95f663de96ef4d5f79b0e0ba99df2b1af0665fd8264175b65948dbacb05f7a4426bf674514273a83e8df9c751595762bfe32832575130c3d6a8e53
SSDEEP

3072:X9P1+KtcQNgkwV1to1gaPHyZbX43YjDAsuCLWgL9eL:aQDgvto1gaPyB432z5L96

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
572df869f17d9daa94109f4760518611_JaffaCakes118

Files

572df869f17d9daa94109f4760518611_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2240972acd7a00266ecedd2ead483764

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
InitializeCriticalSection
ExitProcess
GetCurrentProcessId
LoadLibraryA
SetThreadLocale
LocalReAlloc
CreateEventA
GetFileType
LoadLibraryExA
GetModuleHandleW
SetErrorMode
GetStringTypeA
FreeLibrary
VirtualFree
lstrlenA
GetCurrentThread
GetThreadLocale
GetTickCount
VirtualAlloc
IsBadReadPtr
VirtualQuery
WideCharToMultiByte

user32

GetWindowThreadProcessId
GetMenuItemID
IsChild
SetScrollPos
GetDCEx
DrawEdge
DrawFrameControl
GetCursorPos
FillRect
GetIconInfo
SetScrollRange
GetSystemMenu
EmptyClipboard
GetKeyState
GetMenuState
GetKeyboardLayoutList
InvalidateRect
DrawMenuBar
PtInRect
CallWindowProcA
GetPropA
TranslateMessage
SetRect
IsWindowUnicode
IsWindowEnabled
ReleaseDC
AdjustWindowRectEx
TranslateMDISysAccel
SetMenu
DefWindowProcA
WindowFromPoint
GetClassNameA
OpenClipboard
CreateMenu
SetWindowLongW
SetMenuItemInfoA
InflateRect
PostMessageA
DestroyIcon
GetMenuItemCount
LoadIconA
MessageBeep
RedrawWindow
MessageBoxA
GetTopWindow
OffsetRect
RemovePropA
SetWindowsHookExA
CreateWindowExA
ReleaseCapture
IsRectEmpty
GetMenuStringA
MapWindowPoints
CharNextW
IsDialogMessageW
EndDialog
SetClassLongA
ShowScrollBar
UnregisterClassA
EnableWindow
GetMenu
PeekMessageW
ActivateKeyboardLayout
DispatchMessageW
KillTimer
GetWindowRect
GetDesktopWindow
SetWindowPos
GetKeyboardLayout
GetDC
EnableScrollBar
ScrollWindow
CheckMenuItem
InsertMenuItemA
DestroyWindow
GetFocus
ShowWindow
IsWindow
IsMenu
GetParent
IsIconic
CharNextA
DrawAnimatedRects
GetKeyboardLayoutNameA
GetKeyNameTextA
EqualRect
IsDialogMessageA
EnumThreadWindows
SetFocus
GetWindowLongW
ChildWindowFromPoint
ScreenToClient
DeleteMenu
GetClassInfoA
IsWindowVisible
GetClipboardData
RemoveMenu
CallNextHookEx
MapVirtualKeyA
GetWindowDC
LoadCursorA
SendMessageW
DispatchMessageA
PeekMessageA
GetForegroundWindow
CharLowerBuffA
DestroyCursor
GetSubMenu
SetTimer
SetPropA
ClientToScreen
GetLastActivePopup
IsCharLowerA

comdlg32

GetOpenFileNameA
FindTextA
ChooseColorA
GetSaveFileNameA

gdi32

SetBkColor
GetDIBColorTable
GetPaletteEntries
GetDCOrgEx
CreateDIBitmap
CreatePenIndirect
GetCurrentPositionEx
SaveDC
CreateBitmap

shlwapi

SHGetValueA

Exports

Exports

_qKT2nlpSfGvZJ@20
_7QoWgByOAgLa
cII49c
AMoGgQKc@12
_1MVV4

Sections

.text
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2240972acd7a00266ecedd2ead483764

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 96KB

.data Size: 113KB - Virtual size: 116KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 96KB

.data
Size: 113KB - Virtual size: 116KB

.rsrc
Size: 1024B - Virtual size: 4KB