60a725536f53aa98c9707dfd3906c0c1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60a725536f53aa98c9707dfd3906c0c1_JaffaCakes118
Size

130KB
MD5

60a725536f53aa98c9707dfd3906c0c1
SHA1

a658f8e21a16e5139367d045fdea33d6dc3e2ecc
SHA256

6ebf300de48dd55e2c255737b273ceb1e23f1ebf3cf33f675c70628e168a4a06
SHA512

4dbe2fe76c82772945ea62ee198b4492d6f0f3e9496307cd07ca6311c356192850be747660a1764a76399bff4f571d2d0e0d08d7c0ca6870da480dd56e84a813
SSDEEP

3072:8ng5BWFaOKtouHa2sTf8SBlZ8Hjxt9EfJeg:zmaOKtoca/xqDdi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60a725536f53aa98c9707dfd3906c0c1_JaffaCakes118

Files

60a725536f53aa98c9707dfd3906c0c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da969d00b51ba107dd95b2e06f6fa517

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA
GetSaveFileNameA
FindTextA

user32

ReleaseCapture
EnumThreadWindows
GetWindowDC
IntersectRect
CharNextW
CharToOemA
GetKeyboardType
RemoveMenu
FrameRect
KillTimer
LoadIconA
GetSysColorBrush
CloseClipboard
SetMenu
DestroyIcon
GetMenuItemInfoA
EnableScrollBar
GetMessagePos
GetFocus
GetCursorPos
GetMenu
GetCursor
CreateIcon
CharUpperBuffA
GetWindowLongA
InvalidateRect
GetKeyboardState
MapWindowPoints
SetParent
DrawEdge
EqualRect
GetDCEx
GetKeyboardLayoutNameA
DestroyWindow
TranslateMessage
UnregisterClassA
DispatchMessageA
EmptyClipboard
GetScrollPos
MessageBeep
UnhookWindowsHookEx
SetWindowPlacement
PeekMessageA
DrawFrameControl
SetActiveWindow
SetCursor
GetForegroundWindow
PostMessageA
SystemParametersInfoA
ReleaseDC
RedrawWindow
GetClipboardData
DrawMenuBar
GetScrollRange
CharLowerA
RegisterWindowMessageA
GetTopWindow
SetScrollInfo
GetWindow
GetKeyboardLayoutList
DrawTextA

kernel32

FindFirstFileA
LoadResource
GetCurrentProcessId
GetFileType
GetUserDefaultLCID
GetFileSize
SetEndOfFile
GetProcessHeap
LoadLibraryExA
lstrcatA
GetSystemDefaultLangID
lstrlenA
GetStringTypeW
MoveFileA
SetErrorMode
CreateEventA
HeapDestroy
IsBadReadPtr
GetModuleFileNameA
VirtualAllocEx
LoadLibraryA
Sleep
WaitForSingleObject
InitializeCriticalSection
ExitProcess

Exports

Exports

oFZ0OI6cIQbcpr@16
_VG73FuS7DwU0d@4
nS3wolHGZ55k5C@12
s5xwggUPRQAaP
_Z0hTdJAgK
_vO4de0bhye0
_woRFo@20
_51NirAq47NW@16
aLQ_pmnSy_Q
SicgEJ52
SeOoYb5Y@16

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 102KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da969d00b51ba107dd95b2e06f6fa517

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 11KB - Virtual size: 11KB

.bss Size: 102KB - Virtual size: 238KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 11KB - Virtual size: 11KB

.bss
Size: 102KB - Virtual size: 238KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB