034593084a7356c4f339b3bac61e47e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

034593084a7356c4f339b3bac61e47e0_JaffaCakes118
Size

220KB
MD5

034593084a7356c4f339b3bac61e47e0
SHA1

637463329b5efd0d7e70c2732b9df49cdf35d5a8
SHA256

3476995ef93966ce9a2ea6a23e02813a2fa549ec9448449aa4eafbc70f711d3d
SHA512

b5dcb13e15436bebbfafaaddfa80b6b74686723a3a2f83e276a3cd13aaa078833c68133705ad5aba25891ab8c7aa134034145afa27d75fb45b79dcefed0bcedf
SSDEEP

6144:LqFV7mmeJN8oFMJhsHxYAbQPUidqBCcEGX5E5N3:LYe3FhYAbQPUid7cuN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
034593084a7356c4f339b3bac61e47e0_JaffaCakes118

Files

034593084a7356c4f339b3bac61e47e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e951be74513487d360b8c8c1dc53a4bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardType
SendMessageA
IsCharAlphaW
IsZoomed
TabbedTextOutW
PostMessageW
FindWindowW
CharToOemA
DrawEdge
SendMessageTimeoutA
CopyImage
UpdateWindow
GetMessageExtraInfo
CharLowerA
MessageBoxExW
LoadCursorA
GetClassInfoW
LoadIconA
ActivateKeyboardLayout
LoadBitmapA
GetWindowPlacement
GetKeyState
SendDlgItemMessageA
FillRect
GetShellWindow
OpenDesktopW
wvsprintfA
SetClassLongW

comdlg32

ReplaceTextW
PrintDlgExW
ChooseFontW
FindTextW
GetOpenFileNameW

gdi32

SetMapMode
CreateFontA
CreateCompatibleBitmap
OffsetViewportOrgEx
SetDIBitsToDevice
GetDeviceCaps
CreateSolidBrush
CreatePenIndirect
CreateDIBSection
PtVisible
SetViewportExtEx
GetObjectW
GetCurrentObject

kernel32

RegisterWaitForSingleObject
GetTempFileNameA
TerminateThread
LocalFree
LocalAlloc
DeleteCriticalSection
CreateFileA
CompareFileTime
GetFileTime
GetUserDefaultUILanguage
ResetEvent
SizeofResource
LeaveCriticalSection
SetFilePointer
GetCommTimeouts
SetThreadPriority

comctl32

PropertySheetA
PropertySheetW
ImageList_GetImageCount
ImageList_GetIconSize
CreatePropertySheetPageA

Exports

Exports

?KJFDkljfljhUYDFuifUKYFlKFilFUYFUIh@@YGKEPA_WG@Z

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 34KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e951be74513487d360b8c8c1dc53a4bf

Headers

File Characteristics

Imports

user32

comdlg32

gdi32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 68KB - Virtual size: 68KB

.mdata Size: 14KB - Virtual size: 13KB

.data Size: 34KB - Virtual size: 190KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 68KB - Virtual size: 68KB

.mdata
Size: 14KB - Virtual size: 13KB

.data
Size: 34KB - Virtual size: 190KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB