33aa83288abdcb7564277e66a986543c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33aa83288abdcb7564277e66a986543c_JaffaCakes118
Size

97KB
MD5

33aa83288abdcb7564277e66a986543c
SHA1

2226b03949cb972c2d03fd3497bff504ef03d513
SHA256

9a6a6fe57c2c5dffc2ed3cf0d267caf9063fea9f73745641fe9d95d6c4ec3526
SHA512

892d7fdbc0974b9a84d19d5aec413444cc23e3fc0169bb99e607d8d38168a6062d02075b5f9cc23d03ce362240acb52709265d3b14f6739b413d734367b41ee8
SSDEEP

1536:ga9MDQXMwkVxKSNCzkg6ubv8kbVjC6Dd1jYa4ZJJibMwt1h4m7:B9MD3xK2kbvjbPp1jYaMVwt1mW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33aa83288abdcb7564277e66a986543c_JaffaCakes118

Files

33aa83288abdcb7564277e66a986543c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f94a7b23555d3d040b4d3f2e8b1cd1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClipboardFormatA
CharNextA
GetWindowDC
SetWindowLongW
ShowOwnedPopups
GetMenuStringA
GetPropA
FillRect
CallNextHookEx
GetKeyboardLayoutList
EnumChildWindows
LoadIconA
IsCharLowerA
InflateRect
GetMessagePos
RedrawWindow
SetScrollRange
LoadBitmapA
GetParent
GetMenuItemCount
CloseClipboard
PeekMessageW
GetMenu
GetSystemMetrics
SetPropA
GetWindowRect
TranslateMessage
CreateWindowExA
GetMenuItemID
DrawIcon
PeekMessageA
IsWindowVisible
WaitMessage
EnableScrollBar
SetWindowPlacement
IsChild
CreateMenu
IsIconic
GetKeyboardState
UpdateWindow
GetFocus
GetTopWindow
SetFocus
IsRectEmpty
CreatePopupMenu
EnumThreadWindows
DispatchMessageW
wsprintfA
GetDCEx
EmptyClipboard
GetSubMenu
IsWindowUnicode
SetMenuItemInfoA
CreateIcon
GetKeyNameTextA
RegisterClassA
IsWindowEnabled
LoadStringA
IsDlgButtonChecked
PostMessageA
EndPaint
ChildWindowFromPoint
GetDesktopWindow
EnableMenuItem

msvcrt

tolower
sqrt
time
sprintf
mbstowcs
calloc
atol
memmove
srand
memset

kernel32

GetDiskFreeSpaceA
LoadLibraryA
lstrlenW
GetEnvironmentStrings
VirtualAlloc
GetACP
GetFileAttributesA
GetCommandLineA
GetProcessHeap
InitializeCriticalSection
GetFullPathNameA
GetThreadLocale
LocalReAlloc
GetFileSize
SetLastError
GlobalAlloc
lstrcmpiA
GetSystemDefaultLangID
GetModuleHandleA
GlobalAddAtomA
GetOEMCP
SetErrorMode
ExitProcess
lstrcpynA
GetStartupInfoA

shlwapi

SHDeleteKeyA
SHGetValueA
SHEnumValueA

Exports

Exports

9_McdKhjxS8

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f94a7b23555d3d040b4d3f2e8b1cd1d

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 49KB - Virtual size: 48KB

.edata Size: 3KB - Virtual size: 2KB

.badata Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 49KB - Virtual size: 48KB

.edata
Size: 3KB - Virtual size: 2KB

.badata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB