768f13e67fbc0fd875cac1586fc9e9a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

768f13e67fbc0fd875cac1586fc9e9a5_JaffaCakes118
Size

178KB
MD5

768f13e67fbc0fd875cac1586fc9e9a5
SHA1

87042c66f8bc0cb69659331dca9a7b88bb1871aa
SHA256

4205b7a614dc7619c3c2a162ed2653da3d52097154287cca578b0ae9bebb033b
SHA512

b30dfb0579e24004624d6475a91fbd6242dc4f55187a2984a745bf467eff2cafaffa540edb64de9850feddbf360842c13a1f5e351d3c4e8321dabde3e2a91945
SSDEEP

3072:zBTxcQCSLC2hEVgLCUgbitiq5ROnvB8oP0v9o24mAU:zAQNZLCvbiOvBPcamA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
768f13e67fbc0fd875cac1586fc9e9a5_JaffaCakes118

Files

768f13e67fbc0fd875cac1586fc9e9a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

620cd3c76ae8f5fd7f368904a0a1d208

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

EndPaint
GetWindow
LoadCursorA
GetDesktopWindow
EnableMenuItem
IsIconic
EnumThreadWindows
CharUpperA
LoadIconA
LoadBitmapA
IsChild
EnumChildWindows

shlwapi

SHQueryValueExA
PathGetCharTypeA
PathIsDirectoryA
PathFileExistsA
SHDeleteValueA

kernel32

FreeResource
lstrcpynA
ExitProcess
FormatMessageA
lstrcmpA
GetStringTypeA
CreateFileA
VirtualAlloc
GlobalAddAtomA
GetModuleHandleW
GetCPInfo
SetThreadLocale
SetHandleCount
GetCurrentThread
LockResource
lstrlenW
FindClose
GetEnvironmentStrings
GetThreadLocale
GetSystemDefaultLangID
GetACP
CloseHandle
FreeLibrary
LoadLibraryExA
CreateThread
GetModuleFileNameA
EnumCalendarInfoA
GetStdHandle
LoadLibraryA
RaiseException
GetDateFormatA
CreateEventA
GetFileSize
GetDiskFreeSpaceA
GetFullPathNameA
GetTickCount
SizeofResource
CompareStringA
GetStartupInfoA
MoveFileA
GetCurrentProcess
GetFileType
GetLastError
FindFirstFileA
LocalAlloc
GetVersion
lstrlenA
IsBadReadPtr
GetProcAddress
SetEndOfFile
VirtualFree
SetLastError

Exports

Exports

0H
b
_1@8
bey@24
_A@24
CT
_FS@24
gXR@16
Ho
n@12
_KVc
QOC
dz
swJ@24
u1
xMB

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 2KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

bbs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

620cd3c76ae8f5fd7f368904a0a1d208

Headers

File Characteristics

Imports

user32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 135KB - Virtual size: 134KB

BSS Size: 2KB - Virtual size: 49KB

.tls Size: 1KB - Virtual size: 1KB

rdata Size: 512B - Virtual size: 24B

.edata Size: 512B - Virtual size: 284B

.idata Size: 2KB - Virtual size: 1KB

bbs Size: 1KB - Virtual size: 1KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 135KB - Virtual size: 134KB

BSS
Size: 2KB - Virtual size: 49KB

.tls
Size: 1KB - Virtual size: 1KB

rdata
Size: 512B - Virtual size: 24B

.edata
Size: 512B - Virtual size: 284B

.idata
Size: 2KB - Virtual size: 1KB

bbs
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 15KB