49d332c70edaef41a8e4c5de60a940b7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49d332c70edaef41a8e4c5de60a940b7_JaffaCakes118
Size

241KB
MD5

49d332c70edaef41a8e4c5de60a940b7
SHA1

b7bffd844fd9cacfdb2bb635c6d1a9110deeb860
SHA256

27e9bc5c08b2be742e2bd6c79e5766c25183ee8033c71fc0d3742c3f09fb254a
SHA512

25ae95d7c785295591f70dde0da75dd030b77ed613074fe6f4a16f273889cb7551ccf8398372017c038b4bd2bde9a8ce19045a25b824acfd0b5c34e0e161c198
SSDEEP

3072:aLklxdPDQkGmmzqDZfcyRP8tY9h6cHZM/4HDB3OaiCWuXt:aiD5fmqcyxEoUcq/4l3/iCW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49d332c70edaef41a8e4c5de60a940b7_JaffaCakes118

Files

49d332c70edaef41a8e4c5de60a940b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac8c404026f4f236a492d437a39197e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
HeapDestroy
ExitProcess
lstrlenA
WaitForSingleObject
GetCommandLineW
lstrcpynA
SetEvent
GetModuleHandleA
WriteFile
LocalFree
lstrcmpiA
GetProcAddress
SetThreadLocale
lstrcatA
GlobalAlloc
WideCharToMultiByte
VirtualAllocEx
SetLastError
IsBadHugeReadPtr
LocalAlloc
lstrcpyA
VirtualFree
MoveFileExA
MoveFileA
ExitThread
SizeofResource
RaiseException
MulDiv
SetHandleCount

gdi32

CreateBitmap
CopyEnhMetaFileA
BitBlt

user32

GetMenuState
InsertMenuA
IsZoomed
GetCursor
InsertMenuItemA
IsDialogMessageW
GetClassNameA
GetWindowDC
IsDialogMessageA
GetWindowLongW
GetWindowRect
GetSubMenu
GetKeyboardType
GetWindowLongA
InvalidateRect
IsWindowVisible
GetForegroundWindow
GetScrollRange
GetMenuStringA
IsRectEmpty
GetMenuItemInfoA
GetDCEx
IsIconic
GetTopWindow
GetSystemMenu
GetSysColorBrush
GetScrollPos
GetWindowThreadProcessId
GetLastActivePopup
GetKeyNameTextA
GetKeyboardLayoutList

Sections

.RES42
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES76
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES79
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES35
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES38
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES45
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES33
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES91
Size: 512B - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac8c404026f4f236a492d437a39197e8

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.RES42 Size: 70KB - Virtual size: 69KB

.rdata Size: 2KB - Virtual size: 2KB

.RES76 Size: 155KB - Virtual size: 154KB

.RES79 Size: 1KB - Virtual size: 1KB

.RES35 Size: 1KB - Virtual size: 1KB

.RES92 Size: 1KB - Virtual size: 1KB

.RES38 Size: 2KB - Virtual size: 1KB

.RES45 Size: 1024B - Virtual size: 956B

.RES33 Size: 2KB - Virtual size: 1KB

.RES91 Size: 512B - Virtual size: 442B

.rsrc Size: 2KB - Virtual size: 2KB

.RES42
Size: 70KB - Virtual size: 69KB

.rdata
Size: 2KB - Virtual size: 2KB

.RES76
Size: 155KB - Virtual size: 154KB

.RES79
Size: 1KB - Virtual size: 1KB

.RES35
Size: 1KB - Virtual size: 1KB

.RES92
Size: 1KB - Virtual size: 1KB

.RES38
Size: 2KB - Virtual size: 1KB

.RES45
Size: 1024B - Virtual size: 956B

.RES33
Size: 2KB - Virtual size: 1KB

.RES91
Size: 512B - Virtual size: 442B

.rsrc
Size: 2KB - Virtual size: 2KB