1be05d0f96a4a038ad6547d11d6990b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1be05d0f96a4a038ad6547d11d6990b1_JaffaCakes118
Size

2.5MB
MD5

1be05d0f96a4a038ad6547d11d6990b1
SHA1

6b2ddddcb8688d7f099808752647030b620a562e
SHA256

0597796194b1ffe848efc10aaaae9e066cf0ee849fde3cb1f71e83acdf577819
SHA512

4ca3f07bd3dbe450b36f861fc5d061de5db69b26bfdc27c5e04021ebab9971391d0bfcea265a904c709cc6fa2fa7843ada080772071df153f2e0407d9fedff32
SSDEEP

49152:J3WPKcrQyhLh+LYgdfKZv6KpoQbPia58luYB:prcPwYgdr2bPzmgYB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1be05d0f96a4a038ad6547d11d6990b1_JaffaCakes118

Files

1be05d0f96a4a038ad6547d11d6990b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

53675901a78f0e49169ebda06b4d64c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetScrollPos
InvalidateRgn
GetSysColor
EnumChildWindows
PostThreadMessageW
InsertMenuItemW
GetWindowLongA
UnionRect
GetSystemMetrics
TileChildWindows
CascadeWindows
GetDC
SetWindowTextA

shlwapi

StrCpyW
PathGetArgsW
PathGetCharTypeW

kernel32

GetFullPathNameW
GetSystemTimeAdjustment
GetWindowsDirectoryW
SetHandleInformation
GetTapeStatus
GetCurrentThread
IsValidCodePage
ConnectNamedPipe
GetModuleFileNameW
lstrlenW
FindFirstFileW
GetDateFormatW
GetACP
LocalFileTimeToFileTime

gdi32

SetDIBitsToDevice
DeleteColorSpace
IntersectClipRect
CreateFontA
CreateBitmapIndirect
GetPixel
SaveDC
GetColorSpace
TextOutA
GetPaletteEntries

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize

comctl32

PropertySheetW
CreateToolbarEx

Exports

Exports

FKooQcLExuUwctdt
IDvRqUIydsocytzhqvoyzm
QAGgqazpekhiFdkyc
?_OtdweaeadaagmGcObvp@@YGPAFH@Z
?_UohgaXxFinSjMmu@@YGDGPAI@Z
_UttWwkntsowfqgbaNLjdu
?KORmhpkOsXlrllcgds@@YGPAHK@Z

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 294B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.packed
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmem
Size: - Virtual size: 20.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53675901a78f0e49169ebda06b4d64c5

Headers

File Characteristics

Imports

user32

shlwapi

kernel32

gdi32

ole32

comctl32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.itext Size: 512B - Virtual size: 208B

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 294B

.vars Size: 2KB - Virtual size: 2KB

.packed Size: 5KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 3KB

.vmem Size: - Virtual size: 20.5MB

.pack0 Size: 1.5MB - Virtual size: 1.5MB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 15KB

.itext
Size: 512B - Virtual size: 208B

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 294B

.vars
Size: 2KB - Virtual size: 2KB

.packed
Size: 5KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 3KB

.vmem
Size: - Virtual size: 20.5MB

.pack0
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 3KB - Virtual size: 3KB