781a6b320c50c7ec7f3ae19a68683f1e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

781a6b320c50c7ec7f3ae19a68683f1e_JaffaCakes118
Size

135KB
MD5

781a6b320c50c7ec7f3ae19a68683f1e
SHA1

785ea36f9f42d6572e76d364b06052d10b9e837e
SHA256

15773783da037d29f113c0225e8139d166b4c86aad8dd2fa57efab27c69a814e
SHA512

8bb946eacfe97b9ef39ef1ac5ebe3adccca6043cef05683b8eeee1650be8f9c9e989559a376b6e94aaeb28edc0c9d46157c5447fb5e215915f848c2966665aae
SSDEEP

3072:T+HHI5BEWpY13v2sBxK1nEOe3SOnOL7/cXBdcd4iDfs95nNqygU:T+nmu2MP3NOUti6RNqnU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
781a6b320c50c7ec7f3ae19a68683f1e_JaffaCakes118

Files

781a6b320c50c7ec7f3ae19a68683f1e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4e9c072c72aed5a170843924c4377156

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

strspn
wcspbrk
_chkstk

shell32

ord183
SHGetMalloc
SHFreeNameMappings
SHGetIconOverlayIndexW

shlwapi

StrChrW

kernel32

GetModuleHandleExW
WaitForSingleObject
GlobalFindAtomA
GetFileAttributesA
GetExitCodeProcess
HeapQueryInformation
ExitThread
BackupRead
CopyFileA
LoadLibraryA
CloseHandle
CreateMutexW
UpdateResourceA
GlobalDeleteAtom
lstrcpynA

user32

CharToOemW
DrawTextExW
IsClipboardFormatAvailable
CascadeWindows
SetWindowRgn
GetNextDlgGroupItem
GetClipboardFormatNameW
RedrawWindow
GetClipboardViewer
GetDlgItemTextA
PeekMessageA
ValidateRect
EmptyClipboard

gdi32

CloseFigure
StrokePath
GetMiterLimit
ExtCreatePen
PtInRegion
CreateCompatibleDC
CreateRectRgn
PlgBlt
GetBrushOrgEx
CreateColorSpaceW

ole32

OleSetAutoConvert
CoInitialize
OleCreateEmbeddingHelper
CreateDataAdviseHolder
CoFileTimeNow
CoUninitialize

Exports

Exports

?JHfkedHGfhjgfHGkjfgfgf@@YGKKKK@Z
?KJfjdHJfjkdhgdjHGhkjfdgf@@YGKKK@Z
?VXbvHGfhsdfhHGhfgfgff@@YGKK@Z

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e9c072c72aed5a170843924c4377156

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shell32

shlwapi

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 712B

.newdata Size: 512B - Virtual size: 512B

.imports Size: 3KB - Virtual size: 2KB

.rsrc Size: 122KB - Virtual size: 121KB

.reloc Size: 1024B - Virtual size: 574B

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 712B

.newdata
Size: 512B - Virtual size: 512B

.imports
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 122KB - Virtual size: 121KB

.reloc
Size: 1024B - Virtual size: 574B