17b5c9536796c0a7a85c7c918b24316c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17b5c9536796c0a7a85c7c918b24316c_JaffaCakes118
Size

201KB
MD5

17b5c9536796c0a7a85c7c918b24316c
SHA1

4862a828c929cdf2a3d11b4092912d36dda5aa6e
SHA256

37d6ab8744f5a90bc3ab9e831d56097afe52b236535843d7805e888026bfd881
SHA512

d28cb6f3dd7c6c7a739761412d51fa2a56182fafe3e4776ac145f5427434202b599eeb6525ce15cc8918ca0def6796789259c97dc40e3878c74f1dee9366c9c6
SSDEEP

6144:wXFJNzNRys/xczytQZtqGiie5bzS+3c/:wXxzR/ntQZtq9ieY+s/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17b5c9536796c0a7a85c7c918b24316c_JaffaCakes118

Files

17b5c9536796c0a7a85c7c918b24316c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca79a58fd038d8b1520162bf5396f370

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventW
GetModuleHandleA
GetProcAddress
GetStartupInfoW
ReplaceFileA
GetSystemDirectoryW
CompareFileTime
CreateMailslotA
GetTimeFormatW
GetFileTime
GetProcessHeap
GetVolumeInformationW
GetLocaleInfoW
CreateFileA
GetFileSize
OpenEventA
GetFileAttributesW
AddAtomA
IsBadReadPtr
OpenWaitableTimerA
FindResourceW

user32

DefFrameProcW
GetMenuItemID
GetDC
SetWindowTextW
SetDlgItemTextW
IsChild
GetMenuInfo
CharLowerA
UpdateLayeredWindow
CallWindowProcW
GetSubMenu
CreateDialogIndirectParamW
RegisterClassW
EnumChildWindows
MessageBoxIndirectA
wvsprintfA
ShowCaret
GetCursorPos
InsertMenuW
SetDlgItemInt
MoveWindow
DefFrameProcA
RemoveMenu
GetCapture
GetAsyncKeyState
EndMenu
RegisterClassExA
LoadIconA
LoadMenuIndirectW
UnregisterClassA
MonitorFromRect

gdi32

IntersectClipRect
CreateSolidBrush
GetCurrentObject
SelectBrushLocal
SetWindowExtEx
GetCharABCWidthsFloatA
GetGlyphOutlineW
CreateCompatibleDC
SetDIBColorTable
EndDoc
Escape
PlayMetaFile
CreateFontIndirectA
GetAspectRatioFilterEx
LPtoDP
CreateScalableFontResourceA
StartDocW
SetMapperFlags

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyW
RegReplaceKeyW

ole32

IsValidIid
CoCreateGuid
CoDeactivateObject
OleUninitialize
OleCreate
CoDosDateTimeToFileTime

opengl32

glEdgeFlag

wsock32

s_perror
getpeername

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cTihsr
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UByt
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dFkS
Size: 2KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VVQe
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.p
Size: 2KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nwIL
Size: 1024B - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yUVcQ
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GkGoMu
Size: 512B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fyNB
Size: 512B - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oChh
Size: 2KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vc
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 958B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca79a58fd038d8b1520162bf5396f370

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

opengl32

wsock32

Sections

.text Size: 12KB - Virtual size: 12KB

.cTihsr Size: 512B - Virtual size: 21KB

.UByt Size: 1024B - Virtual size: 8KB

.dFkS Size: 2KB - Virtual size: 39KB

.VVQe Size: 512B - Virtual size: 2KB

.p Size: 2KB - Virtual size: 51KB

.nwIL Size: 1024B - Virtual size: 25KB

.yUVcQ Size: 512B - Virtual size: 20KB

.GkGoMu Size: 512B - Virtual size: 36KB

.data Size: 10KB - Virtual size: 10KB

.fyNB Size: 512B - Virtual size: 22KB

.oChh Size: 2KB - Virtual size: 18KB

.vc Size: 512B - Virtual size: 76KB

.rsrc Size: 165KB - Virtual size: 164KB

.reloc Size: 1024B - Virtual size: 958B

.text
Size: 12KB - Virtual size: 12KB

.cTihsr
Size: 512B - Virtual size: 21KB

.UByt
Size: 1024B - Virtual size: 8KB

.dFkS
Size: 2KB - Virtual size: 39KB

.VVQe
Size: 512B - Virtual size: 2KB

.p
Size: 2KB - Virtual size: 51KB

.nwIL
Size: 1024B - Virtual size: 25KB

.yUVcQ
Size: 512B - Virtual size: 20KB

.GkGoMu
Size: 512B - Virtual size: 36KB

.data
Size: 10KB - Virtual size: 10KB

.fyNB
Size: 512B - Virtual size: 22KB

.oChh
Size: 2KB - Virtual size: 18KB

.vc
Size: 512B - Virtual size: 76KB

.rsrc
Size: 165KB - Virtual size: 164KB

.reloc
Size: 1024B - Virtual size: 958B