47d0f2929febb51e78021b5d3011fc2d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47d0f2929febb51e78021b5d3011fc2d_JaffaCakes118
Size

98KB
MD5

47d0f2929febb51e78021b5d3011fc2d
SHA1

2942d09614bdaf58d49471a5d4d0e14c7f8988e9
SHA256

ef87b4581a954227ebc95bd4f443e8cec2869be6caa2cb259f3a397e556107b3
SHA512

4af499daaac2bbd0fee32095f042a3991abba1a43f93d9423ce650a52363d45fec35b436c6762ee1c0c6184f41a9f8eb9e6ef105e349fbabf05181d517e6418c
SSDEEP

1536:II8vS8FploH/cnNX7LSgg5Rne4YcjeRPUxDU:II8LploH/qBFwg4YcqYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47d0f2929febb51e78021b5d3011fc2d_JaffaCakes118

Files

47d0f2929febb51e78021b5d3011fc2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e5c34eafdd9dd15e0f274d06089b0a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ord192
SHGetInstanceExplorer
SHPathPrepareForWriteA
ord47
SHGetFolderPathAndSubDirW

gdi32

EnumObjects
CreateDIBPatternBrushPt
SetDCPenColor
GetDCPenColor
AddFontResourceW
CreateMetaFileW

comctl32

ord3
PropertySheetW
ord8

kernel32

Sleep
GetConsoleFontSize
DeleteFiber
WideCharToMultiByte
GetDateFormatW
SetFileApisToOEM
CreateSemaphoreA
WaitNamedPipeW
GetVolumePathNameW
GetBinaryTypeA
GetSystemTimes
FormatMessageA
DuplicateHandle
lstrcpyA
SetFileShortNameW
SearchPathA
UnlockFileEx
GetVersionExW
WaitForSingleObjectEx
ResetEvent
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA

user32

EndDeferWindowPos
RegisterShellHookWindow
GetInputState
GetScrollInfo
DrawTextExW
GetMessagePos
RealChildWindowFromPoint
InsertMenuA
PostQuitMessage
DialogBoxParamW
IntersectRect
DialogBoxIndirectParamW
RegisterClipboardFormatW
CharNextExA
EqualRect
GetMessageW
SetWindowsHookExW
IsDialogMessageW
GetClipCursor

msvcrt

putc
iswctype
fscanf
ctime
wscanf
iswxdigit
wcslen
wcscoll
fread
remove
isgraph
strtoul
swprintf
wprintf
strncpy
isspace
vswprintf
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
clock
strchr
isprint
wcscmp
isxdigit
memset

Sections

.text
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e5c34eafdd9dd15e0f274d06089b0a0

Headers

File Characteristics

Imports

shell32

gdi32

comctl32

kernel32

user32

msvcrt

Sections

.text Size: 12KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 356B

.udata Size: - Virtual size: 40KB

.rdata Size: 84KB - Virtual size: 84KB

.text
Size: 12KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 356B

.udata
Size: - Virtual size: 40KB

.rdata
Size: 84KB - Virtual size: 84KB