2808ca31261a3f43b043248e79ed9f45_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2808ca31261a3f43b043248e79ed9f45_JaffaCakes118
Size

80KB
MD5

2808ca31261a3f43b043248e79ed9f45
SHA1

0bd73b2835e65575a87bc6269b9f5b80eba78c9b
SHA256

5afa1c0644b05fc016d224fe8eb016401c3dcd3f76d44611ffb6053b6ac12273
SHA512

176f15fd711908c5d07fc162aa67632ad20df7fb5d423b0d3e418837029f0639b4f5e1ecac63a8589ca1004105caa38ad2a1c9ded1b525b710ff72b091a017cf
SSDEEP

1536:JWvynbUvpgVMfH1YLkq311n52F0m7gCz6S:JWdpgV4H1C31QR+S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2808ca31261a3f43b043248e79ed9f45_JaffaCakes118

Files

2808ca31261a3f43b043248e79ed9f45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1820d0763180525e33029fd2a9d28c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
Sleep
GetModuleHandleA
GetProcAddress

query

DoneCIISAPIPerformanceData

duser

GetGadgetRgn
IsStartDelete
AttachWndProcA
CreateGadget
GetGadget
DUserGetRectPRID
SetGadgetRootInfo
RegisterGadgetProperty
SetGadgetScale
DUserFindClass
DUserCastHandle
InvalidateGadget
BuildDropTarget
DUserGetGutsData

user32

MessageBoxIndirectA
LoadIconW
GetMenuItemInfoA
wsprintfA
DestroyCursor
SendDlgItemMessageA
DialogBoxParamW
TrackPopupMenu
GetDlgItemInt
SetFocus
CreateWindowExW
GetTopWindow
GetCaretPos
GetWindowRgn
WinHelpW
CreateMenu
ShowCaret
LoadImageW
IsWindow
EnumWindows
GetDlgItemTextW
SetParent
ShowWindow
CharPrevW
SetWindowTextW
SetActiveWindow
InvalidateRect
PostMessageW
MonitorFromWindow
ActivateKeyboardLayout
GetClassInfoExW
GetMenuItemRect
WaitForInputIdle
AppendMenuA
GetCapture
EndMenu
SendMessageW
CopyRect
RemoveMenu
GetSysColor
OffsetRect
DestroyIcon
CreateAcceleratorTableW
MoveWindow
MessageBoxW
UpdateLayeredWindow
UnregisterClassA

gdi32

DeleteObject
SetEnhMetaFileBits
CreateFontW
GetEnhMetaFilePixelFormat
CreateFontIndirectExA
UpdateICMRegKeyA
UpdateICMRegKeyW

Sections

.icode
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IdDi
Size: 3KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 10KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1820d0763180525e33029fd2a9d28c5c

Headers

File Characteristics

Imports

kernel32

query

duser

user32

gdi32

Sections

.icode Size: 9KB - Virtual size: 9KB

.text Size: 17KB - Virtual size: 20KB

.rdata Size: 2KB - Virtual size: 16KB

.IdDi Size: 3KB - Virtual size: 266KB

.edata Size: 8KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 79KB

.edata Size: 10KB - Virtual size: 84KB

.rsrc Size: 22KB - Virtual size: 21KB

.icode
Size: 9KB - Virtual size: 9KB

.text
Size: 17KB - Virtual size: 20KB

.rdata
Size: 2KB - Virtual size: 16KB

.IdDi
Size: 3KB - Virtual size: 266KB

.edata
Size: 8KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 79KB

.edata
Size: 10KB - Virtual size: 84KB

.rsrc
Size: 22KB - Virtual size: 21KB