72c232fc43102968b8ac1013eeee268b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72c232fc43102968b8ac1013eeee268b_JaffaCakes118
Size

241KB
MD5

72c232fc43102968b8ac1013eeee268b
SHA1

8091204eff89e315c18236dc655feb6a2ec0bcc4
SHA256

49da9ebbee8f2220d3a19799bf22bc0dd91789b8489293d06f0715ddca7cf8c1
SHA512

cdb1d58e30720bb83ce3f3c86632a3f7ff9a9d471bf24c8854fb41fbd482fdc63315285a4ef558cfcd13d42e26a021fd6780e40eae92e8777a121a7e4d54f96a
SSDEEP

6144:7uwmAXnfqDjUXbhGe7MH8tNWb5ET+Xbg:7DmqSDqbh/7MH83Wy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72c232fc43102968b8ac1013eeee268b_JaffaCakes118

Files

72c232fc43102968b8ac1013eeee268b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d0aaac17cffb59e3177b1e6dadf8ce85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDCW
EndPage
SetTextColor
CreateICW
GetViewportOrgEx
GetTextExtentExPointW
SetViewportOrgEx
GetLayout
GetPaletteEntries
IntersectClipRect
PtInRegion
StartPage
BeginPath
GetTextFaceW
GetNearestPaletteIndex
GetTextExtentPointW

kernel32

GetUserDefaultUILanguage
GetModuleHandleW
ReleaseSemaphore
FreeLibrary
GetCommConfig
SetFileAttributesA
FoldStringW
CreateSemaphoreA
GetSystemDefaultLangID
SetTimerQueueTimer
SetHandleInformation
CopyFileW
GetVersionExW
GetCurrentThread
GetSystemDirectoryA
WaitCommEvent
FindNextFileA

user32

AttachThreadInput
CharLowerBuffW
GetShellWindow
GetMenu
ReplyMessage
OffsetRect
SetForegroundWindow
GetActiveWindow
GetLastActivePopup
DefDlgProcA
DrawTextA
UnloadKeyboardLayout
GetWindowRect
TranslateMessage
ShowCaret
DefWindowProcA
RegisterHotKey
CharToOemBuffA
LoadAcceleratorsW
GetScrollPos
UnionRect
CharToOemA
DialogBoxIndirectParamW
ShowWindow
IntersectRect
SendNotifyMessageW
RegisterClassW
EnumWindows
LoadAcceleratorsA
ShowScrollBar
MessageBoxW
SetMenuItemBitmaps
InvalidateRgn
wsprintfA
PostMessageW
SendDlgItemMessageW

Exports

Exports

?IUDFijfjkKLJFOIUofiuOFUiofOFYU@@YGKEPA_WG@Z

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdt
Size: - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vsctn
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0aaac17cffb59e3177b1e6dadf8ce85

Headers

File Characteristics

Imports

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 221KB - Virtual size: 220KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 3KB

.vdt Size: - Virtual size: 109KB

.vsctn Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 221KB - Virtual size: 220KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 3KB

.vdt
Size: - Virtual size: 109KB

.vsctn
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB