f69c097ec32026667a4dbcdb764c27f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f69c097ec32026667a4dbcdb764c27f9_JaffaCakes118
Size

147KB
MD5

f69c097ec32026667a4dbcdb764c27f9
SHA1

2a8bc8a9eb986b864b04568d6181a014c1a3df86
SHA256

60f55ff450a3560b9efccfea3dfda0ecd581e27367a499d801f35d4d10bcea7b
SHA512

9d071d53545c6a3db4d6dbd2c12172c45eb8588dd3d6da35885219106946d9b0ee136e97cfa8450ec7ba066460c34dcc96e5a1a64d50a9088a4bc9ba54d2f612
SSDEEP

3072:YkKUibl+6dPA7vTzaVAB7EndqdxxeQB6ld7sNd2FsyEY8U4dyp:CblNPWHJ8qheQ7NcFqpdg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f69c097ec32026667a4dbcdb764c27f9_JaffaCakes118

Files

f69c097ec32026667a4dbcdb764c27f9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

28b4e0ad939e374d1aa523e893116b10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
StrCmpW
StrToIntW
PathCanonicalizeW
StrFromTimeIntervalW
PathCommonPrefixW

shell32

ord147

kernel32

FreeResource
GetCommState
UnlockFileEx
SetFilePointer
CreateWaitableTimerA
FileTimeToDosDateTime
GetCommandLineW
SetFileAttributesA
LoadLibraryExW
ClearCommError
lstrcpyW
OpenSemaphoreW
GetNamedPipeInfo
CreateEventA
LoadLibraryW
GetHandleInformation

user32

GetMenu
DrawFocusRect
GetDC
SetScrollRange
DrawTextExW
DefFrameProcA
GetTopWindow
GetMenuItemID
GetWindowDC
SendDlgItemMessageA
GetWindowRect
ScreenToClient
RemovePropW
GetDlgItemInt
ScrollDC
GetMenuState
LoadCursorFromFileW
IsWindowUnicode
EnumPropsExW
DrawMenuBar
WindowFromDC
SetMenuInfo
SetCaretBlinkTime
GetSystemMetrics
IsWindowVisible
GetCaretBlinkTime
MessageBoxExA
GetKeyboardLayoutList
DefWindowProcW
EnumDisplaySettingsW
ActivateKeyboardLayout
SetMessageExtraInfo
GetWindow
SendMessageTimeoutW

gdi32

GetEnhMetaFileDescriptionW
GetRasterizerCaps
SetROP2
ChoosePixelFormat
GetCharABCWidthsW
LPtoDP
GetGraphicsMode
CreateCompatibleDC
GetWorldTransform
SetBrushOrgEx
GetLayout
SaveDC
FillPath
GetTextExtentExPointA
UpdateColors

advapi32

AddAuditAccessAce
GetAclInformation
GetCurrentHwProfileW

Exports

Exports

__GetClientRect@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.exdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.secimg
Size: 1024B - Virtual size: 597B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.memo0
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c_mem
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.datse
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28b4e0ad939e374d1aa523e893116b10

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.exdata Size: 2KB - Virtual size: 2KB

.secimg Size: 1024B - Virtual size: 597B

.data Size: 512B - Virtual size: 472B

.memo0 Size: 512B - Virtual size: 48B

.c_mem Size: 3KB - Virtual size: 2KB

.datse Size: 1024B - Virtual size: 636B

.rsrc Size: 128KB - Virtual size: 128KB

.reloc Size: 1024B - Virtual size: 940B

.text
Size: 8KB - Virtual size: 8KB

.exdata
Size: 2KB - Virtual size: 2KB

.secimg
Size: 1024B - Virtual size: 597B

.data
Size: 512B - Virtual size: 472B

.memo0
Size: 512B - Virtual size: 48B

.c_mem
Size: 3KB - Virtual size: 2KB

.datse
Size: 1024B - Virtual size: 636B

.rsrc
Size: 128KB - Virtual size: 128KB

.reloc
Size: 1024B - Virtual size: 940B