431b4c30b686b5a6a5805f936c08d6f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

431b4c30b686b5a6a5805f936c08d6f9_JaffaCakes118
Size

138KB
MD5

431b4c30b686b5a6a5805f936c08d6f9
SHA1

24e89116a4140f8beb14860fadbd00302c3abc7b
SHA256

9002e6be5150182021bb72b9d094c96c39e755466116afce1211c5a04e1e9815
SHA512

6b1a25bf4c2aba87a750448960e8a1bbf64fa26aea10b3889cc459bb27fab6fb5bc0a0257f6524bca724c00564aba5bb2ea537c3c21492b61cad17f75c986913
SSDEEP

3072:56iPufnPu/bwURCIR1auQyDMBXPlOEtJULUn2HGC3/iiFIqC02xmj0pcDo:5vuPPu/pCq1a/y2/lXfUI2V16k0KE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
431b4c30b686b5a6a5805f936c08d6f9_JaffaCakes118

Files

431b4c30b686b5a6a5805f936c08d6f9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9cc584ba9a7a9b985df2b0aa46d5ed71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

wcslen

shlwapi

PathAppendW
StrCSpnIW

shell32

ord688

kernel32

CreateEventW
GetAtomNameA
FatalAppExitA
GetFileSizeEx
GetThreadPriorityBoost
SizeofResource
SetFileTime
ClearCommError
CallNamedPipeA
GetCommModemStatus
SetVolumeLabelA
UnregisterWait
FileTimeToDosDateTime
CreatePipe
SetNamedPipeHandleState
SetSystemTimeAdjustment
GetTickCount
WaitForSingleObjectEx
OpenEventW

user32

MapDialogRect
GetKeyNameTextA
IsZoomed
GetParent
CreateMDIWindowA
FindWindowW
GetDC
SetRect
RedrawWindow
DialogBoxIndirectParamA
DestroyIcon
IsCharAlphaNumericA
DragDetect
GrayStringW
FindWindowA
SetCursorPos
CreateIconFromResource

gdi32

StartDocW
RectVisible
GetTextColor
CreateBitmapIndirect
ScaleViewportExtEx
GetObjectType
GetTextCharacterExtra
GetBoundsRect
SetGraphicsMode
GetCharacterPlacementW
GetArcDirection
GetViewportOrgEx
SetLayout
GetBitmapBits
GetClipRgn
CloseEnhMetaFile
AddFontResourceW

advapi32

AreAnyAccessesGranted
CopySid
GetSidIdentifierAuthority
GetSidLengthRequired

Exports

Exports

__GetWindowRgn@12
__SetWindowRgn@12

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.etext
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.amem
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fntdat
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cc584ba9a7a9b985df2b0aa46d5ed71

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.etext Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 260B

.amem Size: 512B - Virtual size: 256B

.fntdat Size: 1024B - Virtual size: 536B

.rsrc Size: 126KB - Virtual size: 126KB

.reloc Size: 1024B - Virtual size: 560B

.text
Size: 6KB - Virtual size: 6KB

.etext
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 260B

.amem
Size: 512B - Virtual size: 256B

.fntdat
Size: 1024B - Virtual size: 536B

.rsrc
Size: 126KB - Virtual size: 126KB

.reloc
Size: 1024B - Virtual size: 560B