186f6534679e350809e9d3e9d54bc1e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

186f6534679e350809e9d3e9d54bc1e0_JaffaCakes118
Size

442KB
MD5

186f6534679e350809e9d3e9d54bc1e0
SHA1

3a3db95d6f15864ecba6f93657a2968822220fae
SHA256

e5aac346ffddf0fa68614faa80f5cd8760d8a3d9b6c00ed5e1f1f4167cfa4720
SHA512

6a2ad42dbe17b946800de20bfccf101ed0a1aecb27f8014558170da9058043bcb6ec3253bb649c3e611645c28e510539b74666f6429380b080577a45b4e23ce9
SSDEEP

6144:Cbvj1N1RxdtOxsxu39fnfYfjalc4ejr34DkEHozRvMts7ZI+GeRgk:CTjPBDA9ffUUVqRviMm+7Rgk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
186f6534679e350809e9d3e9d54bc1e0_JaffaCakes118

Files

186f6534679e350809e9d3e9d54bc1e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

13c4233deae48b07edfd6526d276d91d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

LoadIconW
wsprintfW
DrawFocusRect
RegisterClassW
UpdateWindow
DestroyWindow
CharNextW
GetClassInfoW
SetWindowPos
GetCursorPos
CopyIcon
GetDesktopWindow
GetClassNameW
CopyImage
DialogBoxParamW
GetSysColor
MessageBoxW
DestroyAcceleratorTable
GetForegroundWindow
BeginPaint
EndDialog
SetForegroundWindow
OffsetRect
GetWindowTextW
FrameRect
GetIconInfo
GetLastActivePopup
SendDlgItemMessageW
RegisterWindowMessageW
PostThreadMessageW
PostMessageW
MessageBeep
SetTimer
EndDeferWindowPos
IsRectEmpty
PeekMessageW
MessageBoxIndirectW
DrawIconEx
PtInRect
MonitorFromRect
GetClientRect
IntersectRect

gdi32

CreateCompatibleBitmap
MoveToEx
CreateHalftonePalette
GetTextExtentPoint32W
CreateDIBSection
CreateFontIndirectW
SetStretchBltMode
SelectObject
Ellipse
Arc
Rectangle
GetDeviceCaps
SetBrushOrgEx
StretchBlt
SetLayout
GetTextMetricsW

kernel32

GlobalLock
CreateEventW
MultiByteToWideChar
MapViewOfFile
LoadLibraryExW
lstrlenA
MoveFileW
GetSystemDirectoryW
FreeLibrary
SetEvent
InterlockedIncrement
FormatMessageW
GetFileSize
LoadResource
CreateEventA
SetCurrentDirectoryW
HeapDestroy
GetFileAttributesW
GetLastError
GetHandleInformation
GetSystemTimeAsFileTime
GetLocalTime
GetCommandLineW
TerminateProcess
SetFileTime
GetModuleHandleA
GetCurrentProcess
FindNextFileW
ResetEvent
VirtualAllocEx
DeleteFileW
lstrcmpW
GetTickCount
WaitForSingleObject
SystemTimeToFileTime
GetWindowsDirectoryW
lstrcmpiW
GlobalUnlock
GetTempFileNameW
GetTickCount
FreeLibraryAndExitThread
InitializeCriticalSection

Sections

.text
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13c4233deae48b07edfd6526d276d91d

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 403KB - Virtual size: 403KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 6KB - Virtual size: 296KB

.text
Size: 403KB - Virtual size: 403KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 6KB - Virtual size: 296KB