16f8640834b870bfd707502afa165a1f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16f8640834b870bfd707502afa165a1f_JaffaCakes118
Size

263KB
MD5

16f8640834b870bfd707502afa165a1f
SHA1

9f99b10500bc836115a248c818463a741e9303af
SHA256

c5b592b30497cfbe48f021d2889cfacecf2df4f71891aa382e724fcc539be0fc
SHA512

fb39132c26b475260cfb49c1180505fcd92ab6b3b815bd6bd9a550b9f45e99c02e0e69c194238c38b1a509cf1cf59b8cdec37c1745b40b5f1eb06e2cf5e83016
SSDEEP

6144:inmTLNeKhGz6WPwWgEEqWKD1nvSkQF1r0cNWEFNp:++LN3qlaiDuF1wctFNp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16f8640834b870bfd707502afa165a1f_JaffaCakes118

Files

16f8640834b870bfd707502afa165a1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ff4cf260dc4625f9b89d666261e17dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
RemoveDirectoryW
GetWindowsDirectoryW
SystemTimeToFileTime
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
CreateDirectoryW
ExpandEnvironmentStringsA
GetSystemTime
GetLocalTime
CreateEventW
WaitForSingleObject
lstrcmpW
CompareFileTime
lstrcmpiW
FindResourceW
LoadResource
FreeLibrary
MoveFileW
FileTimeToSystemTime
GetTimeFormatW
GetDateFormatW
lstrcpynW
GetModuleHandleW
lstrlenW
lstrlenA
LocalFree
CreateMutexW
GetProcAddress

user32

GetSysColorBrush
RemoveMenu
GetSubMenu
GetSysColor
LoadCursorW
GetFocus
IsWindow
SetTimer
InvalidateRect
GetCursorPos
RegisterWindowMessageW
GetTopWindow
MoveWindow
GetForegroundWindow
PeekMessageW
GetMenuState
GetMenuItemCount
AppendMenuW
LoadBitmapW
CreatePopupMenu
GetDesktopWindow
EnableWindow
SendMessageW
SetWindowPos
SetDlgItemTextW
GetSystemMetrics
CreateDialogParamW
DestroyIcon
EnableMenuItem
PostMessageW
CopyRect
GetMenuItemInfoW
CreateMenu
GetMenuItemID

gdi32

CreateCompatibleDC
CreateFontIndirectW
CreatePen
CreateRectRgn
CreateHatchBrush
CreateDIBSection
DeleteObject
CreatePatternBrush
CreateSolidBrush

advapi32

RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW

comctl32

ImageList_GetIconSize

usp10

UspFreeMem
ScriptString_pSize
ScriptStringValidate
ScriptCPtoX

licmgr10

DllCanUnloadNow
DllUnregisterServer
DllGetClassObject

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ECT
Size: 512B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LDWU
Size: 4KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mX
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RxwII
Size: 4KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.H
Size: 74KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zGmBj
Size: 5KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MK
Size: 3KB - Virtual size: 707KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tpLG
Size: 138KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ff4cf260dc4625f9b89d666261e17dc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

usp10

licmgr10

Sections

.text Size: 16KB - Virtual size: 16KB

.ECT Size: 512B - Virtual size: 19KB

.LDWU Size: 4KB - Virtual size: 33KB

.rdata Size: 3KB - Virtual size: 38KB

.mX Size: 4KB - Virtual size: 32KB

.RxwII Size: 4KB - Virtual size: 57KB

.H Size: 74KB - Virtual size: 82KB

.zGmBj Size: 5KB - Virtual size: 1.1MB

.data Size: 6KB - Virtual size: 326KB

.MK Size: 3KB - Virtual size: 707KB

.tpLG Size: 138KB - Virtual size: 204KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 16KB

.ECT
Size: 512B - Virtual size: 19KB

.LDWU
Size: 4KB - Virtual size: 33KB

.rdata
Size: 3KB - Virtual size: 38KB

.mX
Size: 4KB - Virtual size: 32KB

.RxwII
Size: 4KB - Virtual size: 57KB

.H
Size: 74KB - Virtual size: 82KB

.zGmBj
Size: 5KB - Virtual size: 1.1MB

.data
Size: 6KB - Virtual size: 326KB

.MK
Size: 3KB - Virtual size: 707KB

.tpLG
Size: 138KB - Virtual size: 204KB

.rsrc
Size: 2KB - Virtual size: 2KB