77dae490ce4a4345890264434b174702_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

77dae490ce4a4345890264434b174702_JaffaCakes118
Size

68KB
MD5

77dae490ce4a4345890264434b174702
SHA1

7840877e5359c5a7b86c91340310d709161db4c6
SHA256

5c39f50090ba6688b903e7595b51068434653be15c52f32bf65074e67f3b7738
SHA512

e3d2a0c73c6bc8d70a1b68b845f630774a124fb0ed643843cd3c804d556fc8cf611c5828403d53d88d144a78f2d04412c699646bee0784518738769404246ccc
SSDEEP

1536:O7CO/zB/IA7DvcDwjpKvgr6py/6HQ4H/UF3q7iaH+/5YxqtX:O97Bn7DvUwtigviFiR5YY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77dae490ce4a4345890264434b174702_JaffaCakes118

Files

77dae490ce4a4345890264434b174702_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8172ca3ce48ac7298892d0eace64f64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
VerLanguageNameA
WriteTapemark
DuplicateConsoleHandle
MoveFileA
WaitCommEvent
GetMailslotInfo
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

FindWindowW
InsertMenuItemA
LookupIconIdFromDirectory
UpdateWindow
EndTask
GetClipboardSequenceNumber
OpenWindowStationW
GetClassLongA
GetClientRect
GetCursorInfo
BroadcastSystemMessageW
GetClipboardFormatNameW
GetProcessDefaultLayout
EnumDesktopsA
ToUnicode
OemToCharA
PrivateExtractIconsW
DrawAnimatedRects

shell32

SHGetPathFromIDListW
DllRegisterServer
Shell_NotifyIconW
StrNCmpW
FreeIconList
SHGetSpecialFolderPathA
InternalExtractIconListA
SHGetSpecialFolderLocation
StrStrIA
ExtractAssociatedIconExW
StrChrIA
SHGetNewLinkInfoA
Control_RunDLLAsUserW

gdi32

GetCharacterPlacementA
SelectPalette
GetPixel
GdiPlayDCScript
ColorMatchToTarget
SetViewportOrgEx
AbortPath
CreateColorSpaceA
GdiDeleteLocalDC
GetObjectType
StartDocA
GdiConvertToDevmodeW
FONTOBJ_cGetAllGlyphHandles
GetDIBits
GdiReleaseLocalDC
UnrealizeObject
SetColorSpace
EngQueryEMFInfo
MoveToEx
EngReleaseSemaphore
GetCharWidthW
GetRegionData

Exports

Exports

Spvsbqoxrlc

Sections

.text
Size: 4KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jloew
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d8172ca3ce48ac7298892d0eace64f64

Headers

File Characteristics

Imports

kernel32

user32

shell32

gdi32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 86KB

.data Size: 59KB - Virtual size: 61KB

.rsrc Size: 1024B - Virtual size: 4KB

.jloew Size: 3KB - Virtual size: 4KB

.reloc Size: - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 86KB

.data
Size: 59KB - Virtual size: 61KB

.rsrc
Size: 1024B - Virtual size: 4KB

.jloew
Size: 3KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 4KB