EfS_Agz
Static task
static1
Behavioral task
behavioral1
Sample
1c597f6718efe7c16238ead6c75ae4cd_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1c597f6718efe7c16238ead6c75ae4cd_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
1c597f6718efe7c16238ead6c75ae4cd_JaffaCakes118
Size
65KB
MD5
1c597f6718efe7c16238ead6c75ae4cd
SHA1
f6707a8b1b2a273274f8da7ec8b7f8202872bf1e
SHA256
a080f39dcb92d9c924a0a0ecbecffea2afd6ad2f20ceb000db15f7b05f5cc71b
SHA512
11cbcc91586afd676145a3d99b7340041db003bc6f66460aeb790fed834cfb3a03714f04efb52134640b1e78a3f1b1fc64283764000da8affab61026f19a5285
SSDEEP
1536:+/wDXj2B37Aga1B4stPcLCOYMlxZH6V4Fr7:ZDz2dW1Btmh6V4t7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1c597f6718efe7c16238ead6c75ae4cd_JaffaCakes118
Files
1c597f6718efe7c16238ead6c75ae4cd_JaffaCakes118.exe windows:4 windows x86 arch:x86
c6f16b149652b47c9a679fa0afa3bb55
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetBitmapBits
SetBkColor
CreateBrushIndirect
GetClipBox
user32
SetScrollInfo
TranslateMDISysAccel
SetMenuItemInfoA
SetParent
DrawIconEx
CloseClipboard
IsDialogMessageA
PostQuitMessage
LoadKeyboardLayoutA
BeginPaint
MessageBeep
GetClassNameA
GetClassInfoA
OffsetRect
CallNextHookEx
GetScrollRange
SetWindowPos
SetActiveWindow
GetWindowPlacement
IsZoomed
CreateMenu
SetCapture
GetClassLongA
DispatchMessageA
CharNextA
SetScrollPos
InflateRect
RemovePropA
GetScrollPos
GetClipboardData
SetRect
GetKeyboardLayoutList
SetCursor
DestroyIcon
DeleteMenu
ActivateKeyboardLayout
RedrawWindow
CreatePopupMenu
EnumChildWindows
GetFocus
GetMenu
OpenIcon
GetWindowLongA
MsgWaitForMultipleObjects
GetKeyboardState
EnumThreadWindows
CharUpperA
GetDlgItem
DefFrameProcA
IsWindowEnabled
GetSubMenu
SetWindowPlacement
LoadIconA
SetWindowLongW
GetWindow
GetWindowTextA
WaitMessage
GetWindowTextLengthA
DispatchMessageW
SetWindowTextA
ScreenToClient
GetMenuItemInfoA
kernel32
FreeResource
GetCurrentProcessId
GetCommandLineA
lstrcmpA
GetCurrentThreadId
GetEnvironmentStrings
IsBadReadPtr
VirtualAlloc
Sleep
FreeLibrary
LocalAlloc
lstrcpynA
lstrlenW
InitializeCriticalSection
GetModuleHandleW
LoadLibraryA
HeapAlloc
GetCurrentProcess
GetFileSize
DeleteFileA
ResetEvent
GetCommandLineW
LocalFree
WriteFile
GlobalDeleteAtom
GetLastError
GetVersionExA
FindResourceA
GetModuleFileNameA
CreateThread
WaitForSingleObject
SetHandleCount
GetProcessHeap
FormatMessageA
FindClose
SetThreadLocale
MoveFileA
GetStartupInfoA
LocalReAlloc
GetDiskFreeSpaceA
FindFirstFileA
VirtualFree
VirtualAllocEx
CompareStringA
GetModuleHandleA
LockResource
DeleteCriticalSection
EnterCriticalSection
SetErrorMode
GetStdHandle
RaiseException
GetOEMCP
lstrcatA
GlobalAlloc
SetFilePointer
SizeofResource
GetACP
CloseHandle
lstrcmpiA
GetStringTypeW
MoveFileExA
GetFullPathNameA
GetFileType
lstrlenA
GlobalFindAtomA
ole32
OleRegGetUserType
StringFromIID
CoReleaseMarshalData
PropVariantClear
OleRun
CoFreeUnusedLibraries
Exports
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ