1ba0aa62217aee3f8a2ab3c597255663_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1ba0aa62217aee3f8a2ab3c597255663_JaffaCakes118
Size

34KB
MD5

1ba0aa62217aee3f8a2ab3c597255663
SHA1

4742bc1695dca98e36f87b0b750cf7f964c236cf
SHA256

497f10bd4472ab6da73667313a7e5f0f7aec924fc22d4410b255d97a730d8fad
SHA512

792ee18e3ae5c5e972ea6651775b6d2271c68ffa5b499cd33bce3b20f3d1eb922ed461e37537bf4e1759490a9f495b251905688050a16501689d995e88c0e65f
SSDEEP

384:W3UAzwE3d4rut8xYkKD4unBWYXnnWQ0yO0B4758/fytDuwgfe4TDFwc1/SKMi:uUAn7CSMuBWmD9TB4yylbx4TD91/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ba0aa62217aee3f8a2ab3c597255663_JaffaCakes118

Files

1ba0aa62217aee3f8a2ab3c597255663_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eabf92d9bdab158d5dca358e6a63a1c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_except_handler3

kernel32

HeapAlloc
GetCurrentProcess
HeapFree
VirtualFree
GetProcessHeap
TlsSetValue
TerminateThread
TerminateProcess
VirtualAlloc
LoadLibraryA
OpenThread
GetExitCodeThread
GetModuleHandleA
GetCurrentThreadId
SuspendThread
ResumeThread
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
CloseHandle
TlsGetValue

user32

CreateWindowExA
PostMessageA
MoveWindow
GetWindowRect
DrawTextA
GetWindow
ModifyMenuA
SetScrollInfo
SetMenuItemInfoA
UpdateWindow
SetWindowTextA
GetMenuInfo
GetMenuItemCount
GetActiveWindow
ShowWindow
LoadAcceleratorsA
GetMenuItemInfoA
TranslateAcceleratorA
GetWindowLongA
GetScrollInfo
SetWindowLongA
GetMenu
GetForegroundWindow
TranslateMessage
GetSubMenu
GetMenuItemID
ScreenToClient
GetMessageA
GetWindowInfo
GetDC
ReleaseDC
SetWindowPos
FindWindowA
InvalidateRect
SendMessageA

gdi32

LineTo
DeleteDC
SelectObject
CreateCompatibleDC
Polyline
CreatePen
MoveToEx
BitBlt

Exports

Exports

?WindowHandle@@YGPAXXZ

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eabf92d9bdab158d5dca358e6a63a1c5

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 4B

.idata Size: 2KB - Virtual size: 2KB

.cdata Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 512B - Virtual size: 436B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 4B

.idata
Size: 2KB - Virtual size: 2KB

.cdata
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 512B - Virtual size: 436B