e9039b241eee850eb0705683e9358442_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9039b241eee850eb0705683e9358442_JaffaCakes118
Size

143KB
MD5

e9039b241eee850eb0705683e9358442
SHA1

1e871a98cceca1936b0eb84fd83bcb6dc9433087
SHA256

30adc99ebfb5ed8aec76274b6a1d7dde6bff9cf3b2bf5f617fd3a7abedf4c037
SHA512

05fce2169d8283962e1a7ee754ddf4ead267eb4c8b7f1c543785a299f53d78d2de8be8a3bd34746f43de70c0b285c24e2e9cad7957fdb99426775577f2155c1a
SSDEEP

3072:hEYnewECXrW98WYjL8b7SZYOms3cud1KnIyKP7RJCa:hD6urWej4buu0cunKIy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9039b241eee850eb0705683e9358442_JaffaCakes118

Files

e9039b241eee850eb0705683e9358442_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39ba620f2b1676394e9420021575d437

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
EnumChildWindows
DestroyIcon
SetScrollPos
OffsetRect
MessageBoxA
SetTimer
ShowWindow
DefFrameProcA
InflateRect
RemovePropA
GetWindowRect
WindowFromPoint
GetMenu
GetForegroundWindow
GetMenuItemInfoA
WaitMessage
ReleaseDC
GetSystemMenu
CallWindowProcA
GetWindow
DrawEdge
GetWindowLongA
SetWindowsHookExA
wsprintfA
GetActiveWindow
EnableScrollBar
SetCapture
CharUpperBuffA
SetWindowTextA
PeekMessageW
ChildWindowFromPoint
CheckMenuItem
ActivateKeyboardLayout
TranslateMDISysAccel
PeekMessageA
SetScrollInfo
TrackPopupMenu
ScrollWindow
CallNextHookEx
KillTimer
GetWindowDC
RegisterClipboardFormatA
ClientToScreen
SetWindowPos
IsMenu
RedrawWindow
GetWindowTextA
GetScrollPos
IsDialogMessageW
SetMenu
GetPropA
GetDCEx
CharLowerBuffA
ShowScrollBar
SendMessageW
IsWindow
GetClientRect
GetKeyboardState
SetPropA
AdjustWindowRectEx
InsertMenuItemA
LoadBitmapA

kernel32

SetLastError
FormatMessageA
lstrlenA
ExitThread
GetProcessHeap
GetCurrentProcess
GetFileAttributesA
GetTempPathA
GetStringTypeA
SetEvent
GetVersionExA
GetLocaleInfoA
MoveFileA
lstrcmpiA
ExitProcess
LoadLibraryA
lstrcpyA
LoadResource
GetCommandLineA
CreateThread
CreateFileA
GlobalAlloc
LocalReAlloc
DeleteCriticalSection
VirtualAlloc

version

VerInstallFileA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ImageList_Draw
ImageList_Write
ImageList_GetBkColor
ImageList_Create

Exports

Exports

_ywbLx1cBMaMneX@20

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dadata
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39ba620f2b1676394e9420021575d437

Headers

File Characteristics

Imports

user32

kernel32

version

comctl32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 9KB - Virtual size: 97KB

.data Size: 99KB - Virtual size: 98KB

.edata Size: 2KB - Virtual size: 2KB

.dadata Size: 512B - Virtual size: 84B

.rsrc Size: 8KB - Virtual size: 46KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 9KB - Virtual size: 97KB

.data
Size: 99KB - Virtual size: 98KB

.edata
Size: 2KB - Virtual size: 2KB

.dadata
Size: 512B - Virtual size: 84B

.rsrc
Size: 8KB - Virtual size: 46KB