0fa9334ad716c3abca34eac8f5449b64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fa9334ad716c3abca34eac8f5449b64_JaffaCakes118
Size

212KB
MD5

0fa9334ad716c3abca34eac8f5449b64
SHA1

81e6538f3f8395944a3642c7402f1e2e29edc5da
SHA256

d0d96294342dc9064fb8704519f8aaa189bbc22c53b9420a48000cbb7a64eec0
SHA512

e300fb78988b4a447cdf6f1ac4590b7a8011ee06be233170643eb0a712786930334c27805bc56a5e613d80501872b49a1c313bf613b4a0514b904f44d5233dcd
SSDEEP

3072:h0yB4SEOmh6dqLhWJ1znTbewdlI/C9e8YrI1/5k8IyxuBWo2DijdJ3M+zkE2:hfseqLhmtqwnIH8YrI1usx7vGjdJy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fa9334ad716c3abca34eac8f5449b64_JaffaCakes118

Files

0fa9334ad716c3abca34eac8f5449b64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20d6c7b0be6242d4ecaca039ab99eec7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
VirtualAlloc
HeapDestroy
lstrcmpA
LoadLibraryA

user32

GetActiveWindow
OemToCharA
GetDC
GetKeyState
CharUpperBuffA
GetMessagePos
wsprintfA
CreatePopupMenu
GetCursor
GetWindowTextLengthA
SetFocus
PeekMessageA
UnregisterClassA
PostQuitMessage
DeleteMenu
GetKeyboardLayoutList
RemoveMenu
SetScrollRange
GetMenuItemID
SetWindowsHookExA
SetWindowLongW
CloseClipboard
GetWindowThreadProcessId
EnumChildWindows
GetClipboardData
IsChild
GetSystemMenu
LoadStringA
CreateIcon
GetWindowPlacement
GetWindowLongW
ReleaseCapture
GetParent
SetCapture
GetCapture
DrawMenuBar
GetSubMenu
GetPropA
EnumWindows
GetWindowDC
RegisterWindowMessageA
EndPaint
GetDCEx
DrawIcon
ShowWindow
ClientToScreen
SetMenuItemInfoA
DrawIconEx
MapVirtualKeyA
LoadKeyboardLayoutA
GetMenuItemCount
IsWindowVisible
IsRectEmpty
RedrawWindow
GetKeyboardLayout
UnhookWindowsHookEx
GetKeyNameTextA
SendMessageW
DefWindowProcA
SetActiveWindow
DestroyWindow
DispatchMessageA
GetMenu

Exports

Exports

_ZUXxP5JWe
_oNLJq
xNwYTWF2fHF
XJfvRuNwa2p
_D6NinvofLuPD@16
_AVV0fJc7GNY
_zXtWuzTEIf@8

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text

Sharing

General

Malware Config

Signatures

Files

20d6c7b0be6242d4ecaca039ab99eec7

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 191KB - Virtual size: 190KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 191KB - Virtual size: 190KB

.rsrc
Size: 5KB - Virtual size: 4KB