4531846b0ff9d16e3b7f4d48d0eda5b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4531846b0ff9d16e3b7f4d48d0eda5b2_JaffaCakes118
Size

231KB
MD5

4531846b0ff9d16e3b7f4d48d0eda5b2
SHA1

f583eee42dedd7ada0560a7ee15ccf8f755da067
SHA256

c58b46d492e212d36ba3ce9af0d293b6f4a55dae9ab589ce34ab0cdc411c53bb
SHA512

c3a267dd866df34a1e32ec735d6f398abe371d27f0c241f92adca02e9a392a9b5cf12b8d414872f614fa47051494e5e6fafdde91cac7cb7cb0b56b2c7de31af7
SSDEEP

6144:3UZBwnz18o7f7cZ5+jUq4xIBY4Tw07dEVcX+u5KzLBBjaQR:3Uj818o7f7cT1qBE0UcX+Nz7jaQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4531846b0ff9d16e3b7f4d48d0eda5b2_JaffaCakes118

Files

4531846b0ff9d16e3b7f4d48d0eda5b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5d64e075700a0e799946b177e3cf2120

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memset

user32

GetDoubleClickTime
GetWindowTextW
CharToOemW
CharLowerA
GetMenuStringA
GetActiveWindow
GetDialogBaseUnits
PostThreadMessageW
DrawAnimatedRects
GetClassNameW
HideCaret
LoadStringA
ScrollWindow
RegisterWindowMessageW
VkKeyScanW
wvsprintfA
SetWindowTextW
GetWindowPlacement
RemovePropW
GetClassLongA
DeleteMenu
ArrangeIconicWindows
GetMenuStringW
PostQuitMessage
GetDC
UnloadKeyboardLayout
DialogBoxParamA
WaitMessage
SendInput
DestroyIcon
SetClassLongW
GetShellWindow
RemoveMenu
FrameRect
LoadCursorA
SystemParametersInfoW
GetFocus
IsCharLowerA

gdi32

WidenPath
SelectClipRgn
SetViewportExtEx
GetNearestColor
GetClipBox
Rectangle
Polygon
ExcludeClipRect
CreateBitmap
SetLayout
SetBrushOrgEx
EndPage
SetPaletteEntries
SetMapMode
StretchBlt
SetWindowOrgEx
EndPath

kernel32

WaitForMultipleObjectsEx
SetNamedPipeHandleState
GetComputerNameW
SetMailslotInfo
CreateFileMappingW
VirtualFree
SetEvent
CreateRemoteThread
CreateMailslotW
FindResourceExW
GetAtomNameA
UnmapViewOfFile
GetDateFormatW
GetNumberFormatA
SystemTimeToFileTime
DeleteFileA
SleepEx

Exports

Exports

?NDJndjklIODUiuodjilkjDUIOioudIUODOI@@YGKEPA_WG@Z

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nfodat
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.port
Size: 44KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dir
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d64e075700a0e799946b177e3cf2120

Headers

File Characteristics

Imports

ntdll

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 101KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 79KB - Virtual size: 78KB

.nfodat Size: - Virtual size: 4KB

.port Size: 44KB - Virtual size: 92KB

.dir Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 101KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 79KB - Virtual size: 78KB

.nfodat
Size: - Virtual size: 4KB

.port
Size: 44KB - Virtual size: 92KB

.dir
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB