e80e499be99a7e403e165a7bb56a87d7_JaffaCakes118

General

Target

e80e499be99a7e403e165a7bb56a87d7_JaffaCakes118
Size

172KB
MD5

e80e499be99a7e403e165a7bb56a87d7
SHA1

52ea7375f62febd1328be7feab62f3a0a5618695
SHA256

d471d7a338751c753973eab911c125756dcca15ee950e6633e855a0ddaf4c4f8
SHA512

71f3d4938abd8ce2093f9e0e557e5216828ee30259d2860f4b2d5bdcf6beaad97301f644b2f6ae37a4422a6f46a1391223eac47ffdd0af92e78236c5c4c5c2e7
SSDEEP

3072:8UgrBUdnwnMKlvbk41HmhXYag8RuV3oFDafjBU87G:WUanMYYWHmYag9Pf1U87

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e80e499be99a7e403e165a7bb56a87d7_JaffaCakes118

Files

e80e499be99a7e403e165a7bb56a87d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75e556dced2b3d50a2a372df02dbfd38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA

user32

SetFocus
DrawEdge
GetWindowRect
SetWindowsHookExA
WaitMessage
CharToOemA
GetKeyboardLayout
SetRect
DrawTextA
SetCapture
GetFocus
DestroyIcon
LoadBitmapA
FindWindowA
IsWindowEnabled
PtInRect
SetCursor
GetKeyState
OemToCharA
SetScrollPos

version

VerInstallFileA

kernel32

GetACP
ExitProcess
GetVersionExA
lstrcmpiA
ExitThread
CreateFileA
GetLocalTime
MoveFileExA
LocalAlloc
GetOEMCP
GetModuleHandleA
VirtualAlloc
GetVersion
GlobalAddAtomA
GetLastError
VirtualAllocEx
ReadFile
GetProcAddress
lstrlenA

gdi32

CreateBitmap
GetCurrentPositionEx
CreateBrushIndirect
GetBitmapBits
GetObjectA
CreateDIBitmap
CreateFontIndirectA

comctl32

ImageList_Read
ImageList_Write

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation
DragQueryFileA
SHGetDiskFreeSpaceA

oleaut32

VariantCopyInd
VariantChangeType
SafeArrayGetElement
SysAllocStringLen
SysFreeString
SysStringLen
OleLoadPicture

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

75e556dced2b3d50a2a372df02dbfd38

Headers

File Characteristics

Imports

advapi32

user32

version

kernel32

gdi32

comctl32

shell32

oleaut32

Sections

.text Size: 25KB - Virtual size: 25KB

.tls Size: 141KB - Virtual size: 140KB

.rdata Size: 2KB - Virtual size: 98KB

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 25KB - Virtual size: 25KB

.tls
Size: 141KB - Virtual size: 140KB

.rdata
Size: 2KB - Virtual size: 98KB

.idata
Size: 2KB - Virtual size: 1KB