6816021889bac580fc611ea7c894f50d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6816021889bac580fc611ea7c894f50d_JaffaCakes118
Size

131KB
MD5

6816021889bac580fc611ea7c894f50d
SHA1

facbc367cd7e36a5e75532192ba28fe3b38e0e65
SHA256

34ad5eae08559d93856109c5f6ca68eff7cc54814ec2f71a6c6edf7b6e72cd4c
SHA512

629d41a21957ca71290ecff35de7a430e7347c4e575e9e34cfe276536711e75196b1ab47e30c713875c6b684eb84820e89d98296986183b80307ce0dfc367b56
SSDEEP

3072:jcOMJeoYYulEQkfbaTqb0tgdnf/jUK7zas/EqAt3:tMJeof+EQk2AQgdnfo+zasVAt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6816021889bac580fc611ea7c894f50d_JaffaCakes118

Files

6816021889bac580fc611ea7c894f50d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

26fd4a13d92b042d6c8f2347c2f3dd20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

wcsrchr
_wcslwr
_wcsnicmp
_wcsicmp

shell32

ord196
SHGetPathFromIDListW

shlwapi

StrChrW

kernel32

PostQueuedCompletionStatus
GetFileAttributesExW
CloseHandle
DeleteAtom
WaitForSingleObject
GetBinaryTypeW
GetModuleHandleExW
GetExitCodeProcess

user32

GetNextDlgGroupItem
GetKeyboardLayout
SwitchDesktop
LoadImageA
GetDlgItemInt
KillTimer
CheckDlgButton
GetScrollPos
EnumThreadWindows
SetScrollPos
CallMsgFilterA
GrayStringW

gdi32

GetMiterLimit
GetEnhMetaFileBits
DeleteDC
GetArcDirection
GetCharWidthA
DeleteColorSpace
SetPolyFillMode
CreateRectRgn
PlgBlt
GetPixel
GetObjectA
EnumFontFamiliesExA
PtInRegion

ole32

CoFileTimeNow
IsAccelerator
CoInitialize
CoUninitialize

Exports

Exports

?BDVvHGDjsgdshdhbJHgdjf@@YGKK@Z
?JHDsHGDsgdshgdjsbHJGdjgs@@YGKKK@Z
?NBXDmnbfdGDjsgfysdgfd@@YGKKKK@Z

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.info
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26fd4a13d92b042d6c8f2347c2f3dd20

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shell32

shlwapi

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 504B

.newdata Size: 2KB - Virtual size: 1KB

.info Size: 512B - Virtual size: 182B

.rsrc Size: 122KB - Virtual size: 121KB

.reloc Size: 1024B - Virtual size: 520B

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 504B

.newdata
Size: 2KB - Virtual size: 1KB

.info
Size: 512B - Virtual size: 182B

.rsrc
Size: 122KB - Virtual size: 121KB

.reloc
Size: 1024B - Virtual size: 520B