85d414646db19862d70d6c7fc50440ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

85d414646db19862d70d6c7fc50440ad_JaffaCakes118
Size

149KB
MD5

85d414646db19862d70d6c7fc50440ad
SHA1

7d8572ad9e8627ded8cf05a9f3f5a1a98a01d1da
SHA256

e5d01de29956c9fdffe44e874d215cdb217668230c340d2cbfd46d5dafd481ad
SHA512

df9ec1c13f0aa2798db5eb83f7a32c5eecc7b9564012ebbdd6fa8bd0bf1e71d3047b499d4dccd8110b649fffc2f3e3f583f98516c88d9bc77e6e8cee257d7ab3
SSDEEP

3072:iKMz87E8DgY6VfKX1G6mCwK9gUEzKoIRsDT2tHzuU7J:iKM+EVFl01Gle96nixt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d414646db19862d70d6c7fc50440ad_JaffaCakes118

Files

85d414646db19862d70d6c7fc50440ad_JaffaCakes118
.exe windows:5 windows x86 arch:x86

890ee769889055357eb6d7a50861b824

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCommonPrefixA
ChrCmpIW
StrPBrkW
PathCanonicalizeA
StrFromTimeIntervalA
StrCmpW

shell32

ord147

kernel32

GetCommModemStatus
SetFilePointer
UnlockFileEx
SetSystemPowerState
FileTimeToDosDateTime
CreateWaitableTimerA
GetProfileSectionW
GetCommandLineW
OpenMutexA
QueueUserAPC
LoadLibraryExW
CreateFileA
lstrcpyW
OpenSemaphoreW
GetNamedPipeInfo
CreateEventA
LoadLibraryW
CloseHandle

user32

GetScrollInfo
ScrollDC
LoadKeyboardLayoutW
GetMenu
SetDlgItemInt
DrawFocusRect
GetDC
GetIconInfo
GetKeyboardLayoutNameW
SetScrollRange
DrawTextExW
EnumDisplaySettingsA
GetTopWindow
GetMenuItemID
GetWindowDC
GetWindowRect
ScreenToClient
RemovePropW
EnumPropsExA
PeekMessageA
GetMenuState
IsWindowUnicode
IsDlgButtonChecked
DrawMenuBar
WindowFromDC
SetMenuInfo
DispatchMessageA
GetCursor
MessageBoxW
GetSystemMetrics
IsWindowVisible
GetCaretBlinkTime
DefWindowProcW
LoadCursorFromFileA
SetMessageExtraInfo
TabbedTextOutW
UpdateWindow
GetWindow
SendMessageTimeoutW

gdi32

GetEnhMetaFileDescriptionW
GetRasterizerCaps
CreateDiscardableBitmap
SetROP2
Chord
LPtoDP
GetTextExtentExPointA
GetWorldTransform
SetBrushOrgEx
GetDeviceCaps
GetLayout
SaveDC
FillPath
GetCharABCWidthsW
UpdateColors

advapi32

AddAuditAccessAce
GetCurrentHwProfileA
InitializeAcl

Exports

Exports

__GetClientRect@12

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.exdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.secimg
Size: 1024B - Virtual size: 597B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.memo0
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c_mem
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.datse
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

890ee769889055357eb6d7a50861b824

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.exdata Size: 3KB - Virtual size: 2KB

.secimg Size: 1024B - Virtual size: 597B

.data Size: 3KB - Virtual size: 3KB

.memo0 Size: 512B - Virtual size: 48B

.c_mem Size: 512B - Virtual size: 64B

.datse Size: 1024B - Virtual size: 612B

.rsrc Size: 128KB - Virtual size: 128KB

.reloc Size: 1024B - Virtual size: 944B

.text
Size: 9KB - Virtual size: 8KB

.exdata
Size: 3KB - Virtual size: 2KB

.secimg
Size: 1024B - Virtual size: 597B

.data
Size: 3KB - Virtual size: 3KB

.memo0
Size: 512B - Virtual size: 48B

.c_mem
Size: 512B - Virtual size: 64B

.datse
Size: 1024B - Virtual size: 612B

.rsrc
Size: 128KB - Virtual size: 128KB

.reloc
Size: 1024B - Virtual size: 944B