87f5f26d0e190ba9cafa463dc0b5c89e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

87f5f26d0e190ba9cafa463dc0b5c89e_JaffaCakes118
Size

2.4MB
MD5

87f5f26d0e190ba9cafa463dc0b5c89e
SHA1

4507976c4f13dfc458f906e0411b12750ede4f3b
SHA256

d6c39dbcd38e4ec26129c92a17828a2fc3a92aa5e046362a2066e897317d92f2
SHA512

a9f2f9be9e43c0c034087e90ceac7ac43c4981181c9657130547f1c85afe84dba4aba62734a3505cdb4f0656ddd9318fa53b9da687340e5272e149370df7ad04
SSDEEP

49152:rO2jwPMLWFqM6ZmLnmL4rTvww/W3nEBQ+g0NMiqY:C2s0WIhm0IF/I8zNOY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87f5f26d0e190ba9cafa463dc0b5c89e_JaffaCakes118

Files

87f5f26d0e190ba9cafa463dc0b5c89e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1f8546e8a5b1b89db2eca0bc065f2b39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrNCatA

winspool.drv

DeletePortA
DeleteMonitorA

kernel32

MoveFileA
SizeofResource
FormatMessageW
GetBinaryTypeW
WritePrivateProfileStringW
IsDBCSLeadByteEx
GetLongPathNameW
FindCloseChangeNotification
CreateWaitableTimerA
WinExec
IsValidLanguageGroup
OpenWaitableTimerW
GetCalendarInfoW
CloseHandle
GetCurrentProcessId
GlobalAddAtomW
ResumeThread
CreateThread
IsDBCSLeadByte
Sleep
GetTickCount
GetModuleHandleW
GetTempFileNameW
WaitForSingleObject
CancelIo
SetFilePointerEx
GetDriveTypeW
CreateEventW

user32

GetMessageExtraInfo
GetMenu
InsertMenuA
SubtractRect
GetClipCursor
DlgDirSelectExA
ChangeMenuA
ToAscii
GetMenuItemID
EnumPropsExA
SetWindowRgn
GetTopWindow
GetUpdateRgn
OffsetRect
LoadMenuW
GetWindowLongA
ScrollWindow
GetMenuItemInfoA
DrawTextA
FrameRect
LoadIconA
GetCursor
GetMenuInfo
HiliteMenuItem
IsWindowUnicode
CreateMenu
InSendMessageEx
GetMessageW
DrawMenuBar

comctl32

CreateStatusWindowW
ImageList_Write
ImageList_SetIconSize
ImageList_AddMasked
InitCommonControlsEx
ImageList_Read
ImageList_GetIconSize
ImageList_LoadImageW
CreateToolbarEx
ImageList_Create
CreatePropertySheetPageA
ImageList_GetImageCount

msvcrt

strspn
iswspace
puts
wcspbrk
swscanf
bsearch
fopen
atoi
fscanf
wcsncpy
system

comdlg32

PrintDlgExW
ReplaceTextW
GetOpenFileNameW
ChooseColorW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleW
FindTextW
PrintDlgW
CommDlgExtendedError

gdi32

Polygon
GetGlyphOutlineW
GetNearestPaletteIndex
Polyline
GetObjectW
ExtCreateRegion
PtInRegion
CreateFontIndirectW
GetROP2
CreateDiscardableBitmap
DeleteDC
EnumFontsW
CreateRoundRectRgn
RoundRect
StretchBlt
CreateICW
TextOutA

Exports

Exports

_RYJ_kgls_oks_mv@8
_CjO_oekyu_sgt@4
_PeMhi_cjic_zx@8
_EiDIg_ulzlo@16

Sections

.code
Size: 1024B - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.temp
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f8546e8a5b1b89db2eca0bc065f2b39

Headers

File Characteristics

Imports

shlwapi

winspool.drv

kernel32

user32

comctl32

msvcrt

comdlg32

gdi32

Exports

Exports

Sections

.code Size: 1024B - Virtual size: 6.5MB

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 8KB

.temp Size: 512B - Virtual size: 512B

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 3KB - Virtual size: 2KB

.code
Size: 1024B - Virtual size: 6.5MB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 8KB

.temp
Size: 512B - Virtual size: 512B

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 3KB - Virtual size: 2KB