17943a9ebe651c3b57199b687670f8ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17943a9ebe651c3b57199b687670f8ce_JaffaCakes118
Size

77KB
MD5

17943a9ebe651c3b57199b687670f8ce
SHA1

ec6382deefa215aed2e7908038e8784aac1d8ea1
SHA256

71071671378cb8834fe9d6c77fcff06922877b9628a8fa82b614888d5f9c74b5
SHA512

2259c9aebf33ab8235bab964524b3998393333b3ceac7183a9893bc8ad86b1eefb60dc46bcd921586d2131820c85b440dc16f76cead6bbd64c280d68bd79aecc
SSDEEP

1536:LNwBkeh5sxPSqIe277WxXl1Ru8oxrUlTHbqDX+KNtT:QhyxPtIv787Ru8oxAlT7SuKNtT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17943a9ebe651c3b57199b687670f8ce_JaffaCakes118

Files

17943a9ebe651c3b57199b687670f8ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f15ea847320c5e1160d51d3cee2c1f5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
CreatePopupMenu
GetClipboardData
PtInRect
InvalidateRect
LoadStringA
GetLastActivePopup
CharToOemA
SetWindowPos
EnumWindows
SetActiveWindow
GetCursorPos
SetRect
IsIconic
GetClassNameA
MsgWaitForMultipleObjects
UnhookWindowsHookEx
SetMenu
FrameRect
GetMenu
EnableWindow
DrawIconEx
DestroyCursor
GetDC
SetParent
CallWindowProcA
SystemParametersInfoA
LoadIconA
IsMenu
PostQuitMessage
TrackPopupMenu
IsCharLowerA
GetCursor
EnableScrollBar
CharUpperBuffA
GetSubMenu
GetWindowThreadProcessId
GetWindowPlacement
GetSysColorBrush
GetScrollRange
IsZoomed
EndDialog
DeleteMenu
GetActiveWindow
MapVirtualKeyA
GetKeyboardType
GetWindowLongA
ChildWindowFromPoint
GetClientRect
GetDesktopWindow
RegisterClassA
SetClassLongA
ScreenToClient
GetSysColor
IntersectRect
ScrollWindow
wsprintfA
EnableMenuItem
GetClassLongA
MapWindowPoints
SetCapture
GetWindowRect
IsChild

kernel32

GetVersionExA
HeapAlloc
WaitForSingleObject
ExitProcess
GetEnvironmentStrings
GetOEMCP
GetLocalTime
LoadLibraryA
GetProcessHeap
VirtualFree
GetStdHandle
GlobalAddAtomA
WideCharToMultiByte
GetStringTypeW
GetDiskFreeSpaceA
CloseHandle
VirtualQuery
GetCurrentThread
GetACP
LocalAlloc
EnumCalendarInfoA
VirtualAlloc

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA

Exports

Exports

mzHWz@4
_l8XbjujfIqe
rxoQTRgS19u3Y
FX6xsmEg6@20
_nZhszlbIt
jWBg9T@20
_cKMEsE7Bn
_nllbkG@24
_S8Jtv@16
_fF43eMNy7S@24
_CsxfbcMv7@16

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 48KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f15ea847320c5e1160d51d3cee2c1f5f

Headers

File Characteristics

Imports

user32

kernel32

shell32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 11KB

.bss Size: 48KB - Virtual size: 71KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 11KB

.bss
Size: 48KB - Virtual size: 71KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB