00280e7c71d4306d227154a8c4794d5b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00280e7c71d4306d227154a8c4794d5b_JaffaCakes118
Size

241KB
MD5

00280e7c71d4306d227154a8c4794d5b
SHA1

4992b94eea26129c9c75c37f85937aa9e7de339a
SHA256

d3f2303455e77bc9000bb7ff4f86ea903359359331446fe0661f917365a850d8
SHA512

595b0f7ad3af2d52efb54938204d8828f042ad66c9350ee72f0e46d6f798d1839687d1f16f451d563ea867352bd56968a47f276005d5dc7ba62289195cc3f4e7
SSDEEP

3072:aLklxdPDQkGmmzqDZfcyRP8tY9h6cHZM/4HD53OaiCWuXt:aiD5fmqcyxEoUcq/493/iCW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00280e7c71d4306d227154a8c4794d5b_JaffaCakes118

Files

00280e7c71d4306d227154a8c4794d5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac8c404026f4f236a492d437a39197e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
HeapDestroy
ExitProcess
lstrlenA
WaitForSingleObject
GetCommandLineW
lstrcpynA
SetEvent
GetModuleHandleA
WriteFile
LocalFree
lstrcmpiA
GetProcAddress
SetThreadLocale
lstrcatA
GlobalAlloc
WideCharToMultiByte
VirtualAllocEx
SetLastError
IsBadHugeReadPtr
LocalAlloc
lstrcpyA
VirtualFree
MoveFileExA
MoveFileA
ExitThread
SizeofResource
RaiseException
MulDiv
SetHandleCount

gdi32

CreateBitmap
CopyEnhMetaFileA
BitBlt

user32

GetMenuState
InsertMenuA
IsZoomed
GetCursor
InsertMenuItemA
IsDialogMessageW
GetClassNameA
GetWindowDC
IsDialogMessageA
GetWindowLongW
GetWindowRect
GetSubMenu
GetKeyboardType
GetWindowLongA
InvalidateRect
IsWindowVisible
GetForegroundWindow
GetScrollRange
GetMenuStringA
IsRectEmpty
GetMenuItemInfoA
GetDCEx
IsIconic
GetTopWindow
GetSystemMenu
GetSysColorBrush
GetScrollPos
GetWindowThreadProcessId
GetLastActivePopup
GetKeyNameTextA
GetKeyboardLayoutList

Sections

.RES42
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES76
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES79
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES35
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES38
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES45
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES33
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES91
Size: 512B - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac8c404026f4f236a492d437a39197e8

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.RES42 Size: 70KB - Virtual size: 69KB

.rdata Size: 2KB - Virtual size: 2KB

.RES76 Size: 155KB - Virtual size: 154KB

.RES79 Size: 1KB - Virtual size: 1KB

.RES35 Size: 1KB - Virtual size: 1KB

.RES92 Size: 1KB - Virtual size: 1KB

.RES38 Size: 2KB - Virtual size: 1KB

.RES45 Size: 1024B - Virtual size: 956B

.RES33 Size: 2KB - Virtual size: 1KB

.RES91 Size: 512B - Virtual size: 442B

.rsrc Size: 2KB - Virtual size: 2KB

.RES42
Size: 70KB - Virtual size: 69KB

.rdata
Size: 2KB - Virtual size: 2KB

.RES76
Size: 155KB - Virtual size: 154KB

.RES79
Size: 1KB - Virtual size: 1KB

.RES35
Size: 1KB - Virtual size: 1KB

.RES92
Size: 1KB - Virtual size: 1KB

.RES38
Size: 2KB - Virtual size: 1KB

.RES45
Size: 1024B - Virtual size: 956B

.RES33
Size: 2KB - Virtual size: 1KB

.RES91
Size: 512B - Virtual size: 442B

.rsrc
Size: 2KB - Virtual size: 2KB