1889d9bdbc7cfd6aa3f5c74116520557_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1889d9bdbc7cfd6aa3f5c74116520557_JaffaCakes118
Size

42KB
MD5

1889d9bdbc7cfd6aa3f5c74116520557
SHA1

535b3f0eba9cda1b6515a9defa8429bd24484335
SHA256

472df942957c10c57342ddc98dd9376c6bd1543ac8a8c20fcfee5d2b069ab9e6
SHA512

86b7d64f28b31eff55827d1b01f414e1796a74aaf02a43cf49bc22802fde15e2284b342d16960345e14f34267a6961d7a868338795a76450a4bf424029707cf2
SSDEEP

768:5zbIgoD4KDNKWRB8fctAGhEau1IbgVl2rXs5J05gpK0b:5zU3RhK6acf9u14nSe5C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1889d9bdbc7cfd6aa3f5c74116520557_JaffaCakes118

Files

1889d9bdbc7cfd6aa3f5c74116520557_JaffaCakes118
.exe windows:4 windows x86 arch:x86

489b01273219ca69de32dd5af5c861fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
GetConsoleOutputCP
Module32Next
FindFirstVolumeMountPointW
VerLanguageNameA
GetStdHandle
GetPrivateProfileSectionNamesW
GetProfileStringA
GlobalFlags
CompareStringW
RegisterWaitForInputIdle

user32

SetDlgItemInt
GetGUIThreadInfo
ClipCursor
DdeQueryNextServer
GetScrollPos
MonitorFromWindow
IsWindowUnicode
SetMenu
QuerySendMessage
DdeUnaccessData
InSendMessage
LoadKeyboardLayoutA
SetMenuDefaultItem
FindWindowW
UserHandleGrantAccess
GetKeyboardLayoutNameA
RealChildWindowFromPoint
CloseWindowStation
CloseDesktop
DlgDirSelectComboBoxExA

gdi32

CopyEnhMetaFileA
EngAlphaBlend
RealizePalette
GdiPlayDCScript
PlayEnhMetaFileRecord
GetTextFaceW
AddFontResourceTracking
DeleteObject
SetICMMode
GdiEntry13
GetStretchBltMode
ExtTextOutA
StretchBlt
GetClipRgn
EngStretchBlt
GetLogColorSpaceA
SetRelAbs
GetETM
EnumFontsW
RemoveFontResourceExA
EngCreateBitmap
CreateDIBSection
CLIPOBJ_ppoGetPath
GdiIsMetaFileDC
FontIsLinked
SetPixel
CreateRoundRectRgn
GetCharacterPlacementA
EnumMetaFile
GetKerningPairsA
GdiDeleteSpoolFileHandle
GdiFixUpHandle

comdlg32

FindTextA
WantArrows
PageSetupDlgW
PrintDlgW
GetOpenFileNameA
GetSaveFileNameA
ReplaceTextW
PrintDlgExA
GetFileTitleA
ChooseFontW
dwOKSubclass
ChooseColorW
LoadAlterBitmap

psapi

EnumProcessModules
EmptyWorkingSet
GetModuleFileNameExA
GetProcessMemoryInfo
GetDeviceDriverFileNameW
GetModuleFileNameExW
GetDeviceDriverFileNameA
GetDeviceDriverBaseNameW
GetDeviceDriverBaseNameA
GetWsChanges
GetModuleBaseNameA
EnumProcesses
GetMappedFileNameA
QueryWorkingSet
GetModuleInformation
InitializeProcessForWsWatch

comctl32

InitCommonControls
PropertySheetA
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_SetFilter
FlatSB_GetScrollPos
ImageList_DrawEx
ImageList_GetBkColor
CreatePropertySheetPageW
ImageList_SetIconSize
_TrackMouseEvent
DllGetVersion
DrawInsert
FlatSB_EnableScrollBar
DrawStatusTextA
LBItemFromPt
MenuHelp
GetEffectiveClientRect
ImageList_Duplicate
ImageList_Replace
ImageList_LoadImageW
ShowHideMenuCtl
CreateStatusWindowA
ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_AddMasked
FlatSB_GetScrollRange
CreateToolbar
ImageList_LoadImage

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

489b01273219ca69de32dd5af5c861fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 32KB - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 8KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 32KB - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 8KB