8d8331f97143ef1c697160025fb1249e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d8331f97143ef1c697160025fb1249e_JaffaCakes118
Size

132KB
MD5

8d8331f97143ef1c697160025fb1249e
SHA1

df3ede2fb305688cdda0de380badd24c87af6b49
SHA256

c8468eaae11a810fe8f69e1cb20df1db3bcf4a2c87008c7190e41b721255f079
SHA512

c0783a7185b98585c1cad529c930338d015cddcf42609f736d6eaccc14b8f3c2185338ffe3db3be2809037b85982f819646421640927079e83cd7ea6f3e0a006
SSDEEP

3072:IcOxI5IYYulE8kfbaTqb0tgdEf/jUd78as/bqAtP+n:oxI5If+E8k2AQgdEfoN8as+AtP6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d8331f97143ef1c697160025fb1249e_JaffaCakes118

Files

8d8331f97143ef1c697160025fb1249e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e6191072010a69ea1e118e68ef04d3c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_strcmpi
wcsrchr
_wcslwr
_wcsicmp

shell32

ord196
SHGetPathFromIDListW

shlwapi

StrChrW

kernel32

GetBinaryTypeW
GetFileAttributesExW
CloseHandle
DeleteAtom
GetModuleHandleExW
GetExitCodeProcess
GetQueuedCompletionStatus
WaitForSingleObject

user32

KillTimer
GetNextDlgGroupItem
LoadStringW
CheckDlgButton
SwitchDesktop
GetDlgItemInt
CreateIconFromResourceEx
GrayStringW
GetScrollPos
EnumThreadWindows
GetKeyboardLayout
CallMsgFilterA
SetScrollPos

gdi32

GetMiterLimit
GetEnhMetaFileW
GetArcDirection
GetPaletteEntries
GetCharWidthA
CreateMetaFileW
DeleteColorSpace
CreateRectRgn
PlgBlt
SetPixelFormat
GetObjectA
EnumFontFamiliesExA
PtInRegion

ole32

WriteFmtUserTypeStg
CoFileTimeNow
IsAccelerator
CoInitialize
CoUninitialize

Exports

Exports

?BDVvHGDjsgdshdhbJHgdjf@@YGKK@Z
?JHDsHGDsgdshgdjsbHJGdjgs@@YGKKK@Z
?NBXDmnbfdGDjsgfysdgfd@@YGKKKK@Z

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.info
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 534B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6191072010a69ea1e118e68ef04d3c5

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shell32

shlwapi

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 504B

.newdata Size: 2KB - Virtual size: 2KB

.info Size: 512B - Virtual size: 182B

.rsrc Size: 122KB - Virtual size: 121KB

.reloc Size: 1024B - Virtual size: 534B

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 504B

.newdata
Size: 2KB - Virtual size: 2KB

.info
Size: 512B - Virtual size: 182B

.rsrc
Size: 122KB - Virtual size: 121KB

.reloc
Size: 1024B - Virtual size: 534B