16efe614f7dd16216b0094f42b68418f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16efe614f7dd16216b0094f42b68418f_JaffaCakes118
Size

97KB
MD5

16efe614f7dd16216b0094f42b68418f
SHA1

ae8e28f34af49af0911c5bb8b774dd1d5b449a3e
SHA256

cd286f2f35662ddc3e5037d87592e2cfc3b7ac4d01256fb21997360ea5981c74
SHA512

2d3a24c77f69c3b1714b4c0c5ce88bbec1cd8372a0c53b868a4e1ec67d25b1b6eb5d3d95afe694a2c321d6475d9ae532deae8260f7f0cdf2a9bdc85a64fe118d
SSDEEP

3072:GCMWE+eiBsopny/Gslaef+0xsKXE8rXWSR:CWE+eJodyh3miXE8rXWc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16efe614f7dd16216b0094f42b68418f_JaffaCakes118

Files

16efe614f7dd16216b0094f42b68418f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fb947fe4ba4190d467e463ff36da79f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_strcmpi
wcsrchr
memchr
_wcsicmp

shell32

ord196
SHGetPathFromIDListW

shlwapi

StrChrW
StrNCatA

kernel32

GetExitCodeProcess
GetBinaryTypeW
OpenMutexA
GlobalFindAtomW
LoadLibraryExA
UpdateResourceW
CloseHandle
DeleteAtom
WaitForSingleObject
GetFileAttributesExA
GetQueuedCompletionStatus
GetModuleHandleExW
BackupSeek

user32

WinHelpA
ChangeClipboardChain
EnumWindows
GrayStringA
EnumDesktopsW
CreateIconFromResourceEx
InvalidateRgn
GetMenuState
KillTimer
SendDlgItemMessageA
MapVirtualKeyW
GetNextDlgGroupItem
GetDlgItem
CheckDlgButton
ScrollWindowEx
ScrollDC
DefDlgProcW
PeekMessageW
CharToOemBuffW
OemToCharBuffA
GetKeyboardLayoutNameW
LoadStringW
GetQueueStatus

gdi32

GetMiterLimit
GetEnhMetaFileW
CreateDCA
GetArcDirection
GetCharWidthA
CreateMetaFileW
DeleteColorSpace
Ellipse
EndPath
CreateRectRgn
PlgBlt
SetPixelFormat
GetObjectA
GetPaletteEntries
PtInRegion

ole32

CoUninitialize
IsAccelerator
ReadClassStm
CoInitialize
CoFileTimeToDosDateTime

Exports

Exports

?KJfkdshjkfhHGfhsdhkgfds@@YGKKK@Z
?MHfkjdhGfhgsdkhsdgs@@YGKKKK@Z
?NBZbfdsbgfgJYGfdjshgsdg@@YGKK@Z

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb947fe4ba4190d467e463ff36da79f5

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shell32

shlwapi

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 432B

.newdata Size: 512B - Virtual size: 512B

.imports Size: 2KB - Virtual size: 1KB

.rsrc Size: 119KB - Virtual size: 119KB

.reloc Size: 1024B - Virtual size: 588B

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 432B

.newdata
Size: 512B - Virtual size: 512B

.imports
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 119KB - Virtual size: 119KB

.reloc
Size: 1024B - Virtual size: 588B