59ee7d2fcc980b4dca7c7b0fe2867541_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

59ee7d2fcc980b4dca7c7b0fe2867541_JaffaCakes118
Size

98KB
MD5

59ee7d2fcc980b4dca7c7b0fe2867541
SHA1

009a414b4d9d37d43af596e37c77c55123b2b0a7
SHA256

e43f791f6ce83c1e8b57101a788272774e0da8bf01f8661c4372833319c62748
SHA512

b1e30422a588fe527fbd72ca13f7e25c058d020c157aaadad606797a986aaa1a7fbfba7de10b3274fb3c79a2dbb4067817cce441f24312625b68ce21b5447c2c
SSDEEP

1536:U4mrWUHrzMsZ0nypsHGmM4SN0v6DcLXJQUB1z6bbQt+2i2u+DFHytp:UrfrzMs2y4GuwATH5ta/4Hk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59ee7d2fcc980b4dca7c7b0fe2867541_JaffaCakes118

Files

59ee7d2fcc980b4dca7c7b0fe2867541_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1e1e43e7697f50362aee441e478bce0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerInstallFileA
GetFileVersionInfoA

user32

MoveWindow
SetWindowLongW
EndPaint
EmptyClipboard
DestroyMenu
DrawTextA
IsZoomed
GetMenuStringA
WindowFromPoint
GetClassLongA
InsertMenuA
GetCursor
CharLowerBuffA
SystemParametersInfoA
GetWindow
RegisterClassA
GetCapture
UpdateWindow
EnumChildWindows
CreateIcon
GetMenuState
InvalidateRect
ShowWindow
CloseClipboard
GetClassNameA
OemToCharA
RegisterClipboardFormatA
LoadKeyboardLayoutA
GetWindowRect
OffsetRect
SendMessageA
GetActiveWindow

oleaut32

SafeArrayGetElement
SafeArrayGetUBound
OleLoadPicture
SysStringLen
RegisterTypeLib
GetErrorInfo
SysReAllocStringLen
SafeArrayPtrOfIndex
SysFreeString
SafeArrayUnaccessData

msvcrt

calloc
strcmp
pow
fabs
memcpy
cos

comdlg32

ChooseColorA
FindTextA
GetSaveFileNameA
GetFileTitleA

shell32

SHGetDiskFreeSpaceA
Shell_NotifyIconA
SHGetDesktopFolder

advapi32

RegCreateKeyExA

shlwapi

SHGetValueA
PathIsContentTypeA
PathGetCharTypeA
SHStrDupA
SHDeleteValueA

kernel32

LoadLibraryExA
GetVersion
GetCurrentProcess
FormatMessageA
GetCurrentThreadId
GetProcAddress
GetStringTypeA
GetSystemDefaultLangID
ReadFile
GetCurrentProcessId
FindResourceA
LocalReAlloc
GetEnvironmentStrings
VirtualAllocEx
WideCharToMultiByte
SetEndOfFile
GetCurrentThread
FreeResource
GetFullPathNameA
GetCommandLineA
SizeofResource
SetErrorMode
ExitThread
FindClose
GetUserDefaultLCID
FindFirstFileA
VirtualAlloc
GetACP
CreateFileA
Sleep
lstrcmpiA
GetLocalTime
GetStartupInfoA
CompareStringA
HeapFree
GetThreadLocale
SetThreadLocale
GetProcessHeap
HeapAlloc
SetHandleCount
LoadLibraryA
CloseHandle
SetEvent
lstrcpynA
DeleteCriticalSection
GetModuleHandleA
VirtualFree
EnterCriticalSection

Sections

CODE
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1e1e43e7697f50362aee441e478bce0

Headers

File Characteristics

Imports

version

user32

oleaut32

msvcrt

comdlg32

shell32

advapi32

shlwapi

kernel32

Sections

CODE Size: 29KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 428B

DATA Size: 68KB - Virtual size: 67KB

CODE
Size: 29KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 428B

DATA
Size: 68KB - Virtual size: 67KB