81fd8a51c9cd423cd6d05a44cabdb93c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

81fd8a51c9cd423cd6d05a44cabdb93c_JaffaCakes118
Size

2.6MB
MD5

81fd8a51c9cd423cd6d05a44cabdb93c
SHA1

6420eff8e122e30c5d9003d2ace91218e7320295
SHA256

06c47b027606515b24c21535b41e7363c152deafeafd00e4bb6f28b07c05479d
SHA512

c23e6d660a5141f32df4435e751d47b0cb49b86f1474a6baf3ae3c9e2cc6fc13772c897b0887e4c04ddd355a41e0a9a110b33950dbd75b97f4cf0d81d9c80333
SSDEEP

49152:rHf2R5VnsQuaf7ZzPAY/7iboIv1s08CVUx:rHfM5RsQ77hoY/2boIv1j8X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81fd8a51c9cd423cd6d05a44cabdb93c_JaffaCakes118

Files

81fd8a51c9cd423cd6d05a44cabdb93c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b91568eedeeed8b91b948a7bb06a0004

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
TlsSetValue
GetModuleHandleA
GetExitCodeProcess
FindCloseChangeNotification
SetErrorMode
FindNextFileA
CreateDirectoryW
SetConsoleCP
GetModuleHandleW
GetFileType
FileTimeToDosDateTime
GetTempFileNameA
GetOEMCP

shlwapi

StrCatW
PathFindFileNameW
PathBuildRootW

comctl32

ImageList_Create
ImageList_GetIcon
ImageList_SetIconSize

gdi32

GetClipBox
DeleteObject
CreatePolygonRgn
GetObjectW
CreateRectRgn
SetBkMode
Rectangle
TextOutA
GetObjectA
GetBkMode
Polyline

user32

CreateDialogParamW
GetCaretBlinkTime
LoadMenuW
SendNotifyMessageW
DrawIcon
AdjustWindowRect
FindWindowW
IsCharAlphaNumericW
DefFrameProcA
DestroyMenu
DialogBoxParamA
GetMessageExtraInfo
GetMenu

Exports

Exports

_NbcJwPpu_ngOmjjz@12
_TryeryjZ_rmsvjm@16
_OsnsfoFdq_lEgugxr@12
_Frmfprbx_mbToukcsh_a@4
_ImxptVlz_jqdvvzjs@4

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.set
Size: 137KB - Virtual size: 21.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.option
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.params
Size: 817KB - Virtual size: 817KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flags
Size: 389KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b91568eedeeed8b91b948a7bb06a0004

Headers

File Characteristics

Imports

kernel32

shlwapi

comctl32

gdi32

user32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 50KB - Virtual size: 50KB

.set Size: 137KB - Virtual size: 21.3MB

.option Size: 205KB - Virtual size: 205KB

.params Size: 817KB - Virtual size: 817KB

.flags Size: 389KB - Virtual size: 388KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 50KB - Virtual size: 50KB

.set
Size: 137KB - Virtual size: 21.3MB

.option
Size: 205KB - Virtual size: 205KB

.params
Size: 817KB - Virtual size: 817KB

.flags
Size: 389KB - Virtual size: 388KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 3KB - Virtual size: 3KB