8881a2fc65ddbbe1fc022e2f6ac6e696_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8881a2fc65ddbbe1fc022e2f6ac6e696_JaffaCakes118
Size

147KB
MD5

8881a2fc65ddbbe1fc022e2f6ac6e696
SHA1

70f1c18e6ecaee6b8f089fa31a6dac351b5c0050
SHA256

a493b70155be33d33f0151e6d175f3e83c5b1993a21ec8b40240f4fb3bf38ab4
SHA512

b1d553b6aa978616148d40150a4da4a4ce39da0272b1037f2753522c3d560be09361622c50829c87281a5f85d6ee423f06ba5293f61a55d5b5d9dc21300f83b1
SSDEEP

3072:/7wAhJ1uQ8MQU1u0IuETaMvn0kmRXVcMrtfU4MXY4e+Slh:/bzZ/QU1XisxU4CY4e+4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8881a2fc65ddbbe1fc022e2f6ac6e696_JaffaCakes118

Files

8881a2fc65ddbbe1fc022e2f6ac6e696_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3015a0b106c90673684240256e756958

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrIsIntlEqualA
PathAppendA
StrCmpW
StrToIntExW
PathCommonPrefixA
StrStrNIW

shell32

ord147

kernel32

OpenEventW
FileTimeToDosDateTime
GetFileSize
FreeLibrary
SetHandleInformation
VerifyVersionInfoA
GetFileAttributesW
OpenWaitableTimerA
SetCommMask
GetCommTimeouts
GetFileTime
EnumResourceLanguagesW
LoadLibraryExW
ClearCommError
lstrcpyW
OpenSemaphoreW
GetNamedPipeInfo
CreateEventA
LoadLibraryW
lstrcmpW

user32

DrawFocusRect
GetDC
SetSystemCursor
SetActiveWindow
ScreenToClient
GetSystemMenu
GetNextDlgGroupItem
GetDlgItemInt
SendNotifyMessageW
UnloadKeyboardLayout
ScrollDC
GetKeyboardLayout
LoadMenuW
SetWindowsHookA
DestroyCaret
EnumPropsExW
SetMenu
SendMessageTimeoutW
DrawMenuBar
SetCaretBlinkTime
DefMDIChildProcA
AdjustWindowRect
EnumDisplayDevicesA
MessageBoxExW
DefWindowProcW
GetWindow
ShowScrollBar

gdi32

LPtoDP
GetEnhMetaFileDescriptionW
GetRandomRgn
CloseMetaFile
GetTextFaceW
SaveDC
GetCharABCWidthsW
GetTextExtentExPointW
GetMetaFileBitsEx
CreateDIBPatternBrush
FillPath
SetStretchBltMode
UpdateColors

advapi32

SetAclInformation
AddAuditAccessAceEx

Exports

Exports

__SetMenuContextHelpId@12

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ex_dat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.i_text
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mem_0
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mconst
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dat_s
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3015a0b106c90673684240256e756958

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.ex_dat Size: 2KB - Virtual size: 1KB

.i_text Size: 1024B - Virtual size: 638B

.data Size: 512B - Virtual size: 400B

.mem_0 Size: 512B - Virtual size: 132B

.mconst Size: 512B - Virtual size: 64B

.dat_s Size: 1024B - Virtual size: 652B

.rsrc Size: 129KB - Virtual size: 128KB

.reloc Size: 1024B - Virtual size: 894B

.text
Size: 11KB - Virtual size: 10KB

.ex_dat
Size: 2KB - Virtual size: 1KB

.i_text
Size: 1024B - Virtual size: 638B

.data
Size: 512B - Virtual size: 400B

.mem_0
Size: 512B - Virtual size: 132B

.mconst
Size: 512B - Virtual size: 64B

.dat_s
Size: 1024B - Virtual size: 652B

.rsrc
Size: 129KB - Virtual size: 128KB

.reloc
Size: 1024B - Virtual size: 894B