93e1686f3e956ad0467308cb5a39c23f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93e1686f3e956ad0467308cb5a39c23f_JaffaCakes118
Size

242KB
MD5

93e1686f3e956ad0467308cb5a39c23f
SHA1

63a0c83aa5318ff9053745d4136aa62153ae787a
SHA256

5a95b034cb45e7d985d6336e3e81fe76a0ffae7aec81e23a81199c881d0e59ac
SHA512

0bba5e84658ab0ad6de6fc3fbb0acf96d7cac77cf25434f5638588e3e4d8719508a45fc8f720c1ca9947d38781352d12d69553b6290eea0be9306630a228fda3
SSDEEP

3072:hSf/vhsfiuwK6vJGCk7ecxX8MTtY5F7eI8T1G4eWmqqWa7MIIHB1xFYoYQAVgk1l:Rqu2kVxXB65NL+Xa7uhbFfYcR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93e1686f3e956ad0467308cb5a39c23f_JaffaCakes118

Files

93e1686f3e956ad0467308cb5a39c23f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f32297403796a65a4315ebc4671dc00d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkMode
GetTextAlign

user32

ChildWindowFromPoint
GetDesktopWindow
PeekMessageW
SystemParametersInfoA
DrawFrameControl
SetScrollPos
GetSystemMenu
GetActiveWindow
CreateMenu
SetForegroundWindow
GetMessagePos
DrawIconEx
CreatePopupMenu
InvalidateRect
OpenIcon
WaitMessage
EqualRect
CharNextA
GetDC
CreateIcon
EndDialog
GetLastActivePopup
RegisterWindowMessageA
SetFocus
GetWindowThreadProcessId
GetScrollInfo
GetForegroundWindow
TrackPopupMenu
GetWindowPlacement
InsertMenuA
SetPropA
WindowFromPoint
GetWindow
EnumChildWindows
IsCharUpperA
IsChild
OemToCharA
DrawMenuBar
LoadStringA
CreateWindowExA
GetDlgItem
SetWindowPos
PtInRect
IsIconic
DestroyWindow
FrameRect
ReleaseDC
GetFocus
RemovePropA
GetClipboardData
TranslateMDISysAccel
IsWindowUnicode
KillTimer
DispatchMessageA
GetKeyboardLayoutList
GetMenu
CharLowerA
SendMessageA
CallNextHookEx
BeginPaint
EnumThreadWindows
IsMenu
RegisterClassA

kernel32

SetHandleCount
lstrlenW
VirtualQuery
LocalFree
GetProcessHeap
VirtualAlloc
LoadLibraryA
GetCurrentProcess
WriteFile
WideCharToMultiByte
VirtualFree
ExitProcess
WaitForSingleObject
LoadLibraryExA
CreateThread
LocalAlloc
lstrcpynA
SetThreadLocale
lstrcpyA
SetLastError
ExitThread
VirtualAllocEx

comctl32

ImageList_Add
ImageList_DrawEx

Exports

Exports

_yfzRM@8

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.badata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f32297403796a65a4315ebc4671dc00d

Headers

File Characteristics

Imports

gdi32

user32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 196KB - Virtual size: 196KB

.edata Size: 3KB - Virtual size: 3KB

.badata Size: 2KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 196KB - Virtual size: 196KB

.edata
Size: 3KB - Virtual size: 3KB

.badata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB