6393bf01dedd2bc6583d41f3bea9609f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6393bf01dedd2bc6583d41f3bea9609f_JaffaCakes118
Size

137KB
MD5

6393bf01dedd2bc6583d41f3bea9609f
SHA1

3104921311c44fa3f380b2fadf33270ebcba3320
SHA256

cb405fdf3bb0a90118c3a948bdc54988a8bb74dba23bfdbb6cb8b9bf7f89e595
SHA512

c7745a2a26d13b4ebe52263577bf9dda07fe5ed67923d3d145923f7cba165d93808d28547c865c90cc6f3eb39c28ff527a9a178a933178a247a4e26f12d352f3
SSDEEP

3072:SeqNYVuIulsavhssyMAY3lzCjUeXhPnTrMpShqVc0:SeQIT7stAilr0BnToAq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6393bf01dedd2bc6583d41f3bea9609f_JaffaCakes118

Files

6393bf01dedd2bc6583d41f3bea9609f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53074b172923e9fa4d6f14bf4497abe7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
FindResourceA
LocalAlloc
lstrlenA
GlobalDeleteAtom
ReadFile
FindFirstFileA
GetTickCount
GetStartupInfoA
LoadLibraryA
lstrcmpA
CompareStringA
LoadResource
ExitProcess
FindClose
WriteFile
GetThreadLocale
VirtualAlloc
LockResource
SizeofResource
GetCurrentThreadId
VirtualAllocEx

user32

SetCapture
DrawIcon
GetKeyboardLayoutNameA
SendMessageA
TranslateMDISysAccel
TranslateMessage
GetSysColor
GetTopWindow
BeginPaint
CallWindowProcA
PeekMessageA
IsRectEmpty
CreateMenu
IsDialogMessageA
DeleteMenu
SetScrollInfo
GetMenuItemInfoA
GetScrollInfo
EnableWindow
SetMenu
SetWindowPlacement
DispatchMessageA
GetMessagePos
RegisterClipboardFormatA
IsChild
ScrollWindow
FindWindowA
RemovePropA
WaitMessage
DefWindowProcA
SendMessageW
EnableScrollBar
IsDialogMessageW
SetWindowsHookExA
SetWindowLongW
EnumWindows
IsCharLowerA
IsWindowUnicode
ShowScrollBar
GetKeyboardLayoutList
GetDC
GetWindowDC
GetSysColorBrush
SetActiveWindow
SetScrollRange
ShowOwnedPopups
PtInRect
EmptyClipboard
DrawFrameControl
EnumThreadWindows
GetLastActivePopup
EndPaint
CharNextA
TrackPopupMenu
DrawEdge
GetScrollRange
UnhookWindowsHookEx
EnumChildWindows
ClientToScreen
GetMenu
GetKeyboardLayout
EqualRect
GetClassInfoA
GetDesktopWindow

oleaut32

SafeArrayUnaccessData
SysFreeString
SysStringLen
SafeArrayPtrOfIndex
SafeArrayCreate
RegisterTypeLib
SafeArrayGetUBound
OleLoadPicture
SafeArrayGetElement

Exports

Exports

FbifhbzVZr0Ak
_1WdY8pN9pZjuOL@16
gc2yDQpgorj0

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.datas
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53074b172923e9fa4d6f14bf4497abe7

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 135KB

.cdata Size: 99KB - Virtual size: 98KB

.datas Size: 4KB - Virtual size: 3KB

.bdata Size: 512B - Virtual size: 128B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 135KB

.cdata
Size: 99KB - Virtual size: 98KB

.datas
Size: 4KB - Virtual size: 3KB

.bdata
Size: 512B - Virtual size: 128B

.rsrc
Size: 8KB - Virtual size: 8KB