64ea8aedd0365041012487da41064b07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64ea8aedd0365041012487da41064b07_JaffaCakes118
Size

217KB
MD5

64ea8aedd0365041012487da41064b07
SHA1

a4b92574439ffb07b67e2ff583f6ae9e7a8a3048
SHA256

bc2e21460835bfb07f61d36c82c35590ab7745b977dfc7ceee03083ef134b1d8
SHA512

1fc4482985f07d3d9b293f3b01413c279351b3b230fd42d530c6b8c2ff18a31f2cc326996a293447ebcffe63a651fd1745495ae5ca0271d18d5c8728beeb6b31
SSDEEP

6144:zqLPjb9UaJalcSMu9S7gWPdg+eBHQQl+7cxts/y:zkbu3cSruBPbeBbQwx+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64ea8aedd0365041012487da41064b07_JaffaCakes118

Files

64ea8aedd0365041012487da41064b07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a31533b82a1ae6755d1d83a6ec5dd0d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetTimeFormatA
GetProcAddress
LoadLibraryA
SetEvent
GetComputerNameA
GetFileType
RemoveDirectoryA
FileTimeToSystemTime
BeginUpdateResourceW
InitializeCriticalSection
GetTimeFormatW

user32

WaitForInputIdle
GetClassInfoExW
GetWindowRect
CopyImage
GetWindowRect
MoveWindow
GetMenuItemCount
LoadMenuIndirectW
GetAsyncKeyState
ClientToScreen
SetWindowTextA
SetDlgItemTextW
wsprintfW
GetForegroundWindow
OffsetRect
SetForegroundWindow
GetIconInfo

gdi32

GetTextMetricsW
GetGraphicsMode
FrameRgn
FloodFill
CreateDCW
GetKerningPairsA
CreateDCA
CopyEnhMetaFileA
CreatePolygonRgn
GetWorldTransform
ExtTextOutW
GetCharWidth32A
CreateDIBPatternBrushPt
EnumFontsW
OffsetClipRgn
GetGlyphOutlineA
CreateCompatibleDC
CreateFontA
PtInRegion

advapi32

RegDeleteKeyA
RegEnumValueW
RegCloseKey
RegDeleteValueA
RegOpenKeyW
RegFlushKey
RegReplaceKeyW
RegCreateKeyExW
RegQueryValueA

shlwapi

PathUndecorateA
PathSearchAndQualifyW
SHRegOpenUSKeyA
PathMatchSpecW
StrCmpNA
PathBuildRootA
PathStripToRootA
PathSetDlgItemPathW
PathRemoveBackslashA

comctl32

DllGetVersion
InitCommonControls
ImageList_SetImageCount
FlatSB_GetScrollInfo

oleaut32

VarMod

Sections

.mUiH
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Tuf
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bBa
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bme
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Q
Size: 5KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndXuc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a31533b82a1ae6755d1d83a6ec5dd0d0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comctl32

oleaut32

Sections

.mUiH Size: 5KB - Virtual size: 5KB

.Tuf Size: 86KB - Virtual size: 85KB

.bBa Size: 12KB - Virtual size: 12KB

.bme Size: 2KB - Virtual size: 4KB

.Q Size: 5KB - Virtual size: 353KB

.ndXuc Size: 84KB - Virtual size: 84KB

.data Size: 9KB - Virtual size: 362KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 1024B - Virtual size: 1024B

.mUiH
Size: 5KB - Virtual size: 5KB

.Tuf
Size: 86KB - Virtual size: 85KB

.bBa
Size: 12KB - Virtual size: 12KB

.bme
Size: 2KB - Virtual size: 4KB

.Q
Size: 5KB - Virtual size: 353KB

.ndXuc
Size: 84KB - Virtual size: 84KB

.data
Size: 9KB - Virtual size: 362KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 1024B - Virtual size: 1024B