6a994fc5d668545ded505e20b81356ed_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6a994fc5d668545ded505e20b81356ed_JaffaCakes118
Size

126KB
MD5

6a994fc5d668545ded505e20b81356ed
SHA1

8edc2810c4c59f01d97ab46c6bb94948780a03c1
SHA256

021e49bbb856dac325c8728b22a7b581b3e999a666d4c669e4f9d7da6ac83276
SHA512

b3eda2ec641b472d2a15fa69d226e352c0525600abd46922b0a6ba0c4d2e2a3e42d07dd71783d44b44d8d94baaf140a0db8eb395278f0c51abe5a414386794a1
SSDEEP

3072:ciKeJ6jLsmW9fFUQMcQkJurmFi+JFcfH5CDStesK614I0Om:ciKeAQpFpQsc/t1bA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a994fc5d668545ded505e20b81356ed_JaffaCakes118

Files

6a994fc5d668545ded505e20b81356ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1d0ca492063af07bc7457ed0bd1fbec9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA
PathBuildRootA

user32

IsZoomed
GetWindowRect
FindWindowA
GetMenuStringA
CreateWindowExW
DestroyMenu
GetCursor
GetClassInfoExA
GetMenu
FindWindowExA
AppendMenuA
DispatchMessageA
DrawFocusRect

kernel32

SetConsoleMode
SizeofResource
lstrcatA
SetCommState
FindCloseChangeNotification
GetConsoleCP
SetErrorMode
SuspendThread
GlobalAddAtomA
SetHandleInformation
GetModuleHandleA
IsValidCodePage
GetACP
GetCurrentThreadId

comctl32

ImageList_Remove
ImageList_Write
ImageList_SetIconSize

ntdll

memset

comdlg32

PrintDlgW
CommDlgExtendedError

gdi32

CreateRectRgn
DeleteObject
CreateDCW
PtInRegion
GetTextExtentPointW
StretchDIBits
GetTextAlign
SetDIBits
BitBlt
SelectClipRgn

Exports

Exports

_Pmnuieoj_wixpDgs_jowy@8
_BourppdW_lcqvveqs_zqbx@12
_Njjhhpau_zvcxalr_mavwI@4
_VfgGijFx_aykeubjqij@4
_HnxNynbv_Jtcfpkdmc_qc@4
_HmifwYerE_rtjacS@4

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strs
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmem
Size: - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

SETUP
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d0ca492063af07bc7457ed0bd1fbec9

Headers

File Characteristics

Imports

shlwapi

user32

kernel32

comctl32

ntdll

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.strs Size: 5KB - Virtual size: 4KB

.data Size: 6KB - Virtual size: 6KB

.vmem Size: - Virtual size: 332KB

SETUP Size: 89KB - Virtual size: 89KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.strs
Size: 5KB - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 6KB

.vmem
Size: - Virtual size: 332KB

SETUP
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB