6831560a224a17766999dbb4778c9734_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6831560a224a17766999dbb4778c9734_JaffaCakes118
Size

214KB
MD5

6831560a224a17766999dbb4778c9734
SHA1

4afec87cfe7e35d436bfa7e50a84838d1b22d64b
SHA256

64a73f783a6ac74c85122b0098d601c3dd382ac6e7d5bc9a1165c80e4684dd2e
SHA512

aca54d150a3e593a4c19ebd430c279ee78cfb4732245d4106e26686d2abf3fc6bbfb9976b865bbb0b11713b5a94d76dfeaa1e27fb3c6171c2fc6cf7ddc028b76
SSDEEP

3072:esCkMj2hl1u3PBXLIpJxBUWcpynEl+FNY0ca5AovZioBORbfBJYygq1ke:es1E1Wcpu40ca53Z2RbjYyg5e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6831560a224a17766999dbb4778c9734_JaffaCakes118

Files

6831560a224a17766999dbb4778c9734_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25be9ff55b8da798946698feaeb567fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
Sleep
CreateMailslotW
GetModuleHandleA
lstrcpy
GetSystemDirectoryA
GetExitCodeProcess
ReplaceFileA
GetProcessHeaps
CreateEventW
CreateSemaphoreA
IsBadCodePtr
CreateMutexW
DeleteAtom
GetLocaleInfoA
ExpandEnvironmentStringsA
GetExpandedNameA
GetProcessHeap
lstrcpyA
BeginUpdateResourceW
GlobalFindAtomW
IsValidCodePage
GetSystemDefaultLCID
GetThreadLocale
ReplaceFileW
GetLogicalDrives
GetCommandLineA
GetStartupInfoW
GetTempFileNameW
GetProcAddress
LoadResource
GetCurrentProcess
GetCurrentDirectoryA
FileTimeToSystemTime
GetDateFormatW
GetFileAttributesW
CreateMailslotA

user32

InsertMenuItemA
GetDCEx
MonitorFromPoint
PostQuitMessage
ArrangeIconicWindows
DestroyCursor
CreateWindowExA
IsWindowEnabled
CreateDialogIndirectParamW
GetMenuItemInfoW
GetClassInfoExW
CreatePopupMenu
RegisterWindowMessageW
SetMenu
UpdateLayeredWindow
GetMenuItemInfoA
FlashWindow
MoveWindow
keybd_event
LoadBitmapW
AppendMenuW
GetMessageW
DrawIcon
SendMessageA
GetWindowTextW
EmptyClipboard
GetCaretPos
CreateDialogParamW
EnumDesktopsW
UnregisterClassW
SetCursor
CreateWindowExA
SetCursorPos
LoadCursorA
GetSystemMetrics

gdi32

CreatePalette
GetEnhMetaFilePixelFormat
GetLogColorSpaceW
CopyMetaFileA
ResetDCW
CreateBrushIndirect
SetColorSpace
CombineRgn
WidenPath
GetObjectA
CreateEnhMetaFileW
CreateICW
UnrealizeObject
StrokeAndFillPath
GetRasterizerCaps

advapi32

RegOpenKeyW
RegEnumValueW
RegOpenKeyW
RegFlushKey
RegRestoreKeyA

shlwapi

ChrCmpIA
StrRetToStrA
StrToInt64ExW
PathMatchSpecA
SHCopyKeyW
StrToIntW
StrCpyW
PathSetDlgItemPathW
UrlGetLocationW
PathRemoveExtensionA
StrRChrA
SHEnumValueA
SHRegQueryInfoUSKeyW

Sections

.tuVPUM
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ivwAFI
Size: 5KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tI
Size: 1KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lO
Size: 3KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Zw
Size: 4KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FqT
Size: 3KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25be9ff55b8da798946698feaeb567fd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

Sections

.tuVPUM Size: 11KB - Virtual size: 11KB

.ivwAFI Size: 5KB - Virtual size: 471KB

.tI Size: 1KB - Virtual size: 248KB

.lO Size: 3KB - Virtual size: 19KB

.data Size: 138KB - Virtual size: 398KB

.Zw Size: 4KB - Virtual size: 347KB

.FqT Size: 3KB - Virtual size: 266KB

.rsrc Size: 46KB - Virtual size: 45KB

.reloc Size: 1024B - Virtual size: 840B

.tuVPUM
Size: 11KB - Virtual size: 11KB

.ivwAFI
Size: 5KB - Virtual size: 471KB

.tI
Size: 1KB - Virtual size: 248KB

.lO
Size: 3KB - Virtual size: 19KB

.data
Size: 138KB - Virtual size: 398KB

.Zw
Size: 4KB - Virtual size: 347KB

.FqT
Size: 3KB - Virtual size: 266KB

.rsrc
Size: 46KB - Virtual size: 45KB

.reloc
Size: 1024B - Virtual size: 840B