a0e1e4a5f0ac2118e3d089773c945d7e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a0e1e4a5f0ac2118e3d089773c945d7e_JaffaCakes118
Size

257KB
MD5

a0e1e4a5f0ac2118e3d089773c945d7e
SHA1

d8989a9eed0986e090e0eaece672d3a72283308c
SHA256

0ef55f0d879e0c1a6ef94dcfa5e5b49cb9569232559fcabf2fae15f7df9cf50e
SHA512

03cdb7d0f1fa055d44869cdd254c5655179ee49ec725752db1956f466b7fd95e4e443ea492d4774017c0446b3009dc801675ef11cc78cf7722e5fad8e318a5ca
SSDEEP

6144:O6uOrfrPNnOepRJo1njv1DpIp3fFRuqBvrNlbsoAt:O6u6fDdnpRJopjmPFRDFrsoe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0e1e4a5f0ac2118e3d089773c945d7e_JaffaCakes118

Files

a0e1e4a5f0ac2118e3d089773c945d7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33d023a21f132d77995ad3d356fa02fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetModuleHandleW
LoadLibraryW
GetModuleFileNameW
SetEvent
Sleep
GetLastError
GetExitCodeThread
GetTempPathW
WaitForSingleObject
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
IsDebuggerPresent
GetVersionExW
LocalFree
LocalAlloc
MulDiv
BeginUpdateResourceW
GetProcAddress
GetModuleHandleA

user32

GetActiveWindow
GetIconInfo
GetFocus
IsWindow
CopyRect
LoadImageW
InvalidateRect
DestroyIcon
wsprintfW
LoadIconW
EnableWindow
IsIconic
PostMessageW
GetSystemMetrics
MessageBoxW
SendMessageW
LoadMenuIndirectA
CharLowerW
mouse_event
GetMenuInfo
CharPrevW
GetClassInfoW
SetDlgItemInt
GetMenuItemRect
MessageBoxIndirectA
SetDlgItemTextA
DialogBoxIndirectParamA
WinHelpW
GetKeyboardType
IsChild
SetMenu
GetSysColor
CopyIcon
GetDlgItemInt
CreateDialogIndirectParamW
keybd_event
PeekMessageA
GetCapture
RegisterWindowMessageW

gdi32

CreatePatternBrush
DeleteObject
CreateCompatibleDC
CreatePen
CreateFontIndirectW
CreatePalette
CreateSolidBrush
GetStockObject
CreateMetaFileW
GetEnhMetaFileA
SetWinMetaFileBits
AddFontResourceA
GdiGetBatchLimit
UpdateICMRegKeyA
RemoveFontResourceA

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

comctl32

ord17

urlmon

IsValidURL
URLDownloadToFileW

winipsec

GetQMPolicy
DeleteMMPolicy

avifil32

AVIStreamWriteData
AVIFileOpenW
AVIStreamEndStreaming
AVIFileAddRef
AVIFileEndRecord
AVIBuildFilter
AVISaveW
EditStreamSetInfoA
AVIStreamOpenFromFile
AVIClearClipboard
EditStreamCopy
AVIStreamFindSample

Sections

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icode
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l
Size: 107KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unIsec
Size: 112KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33d023a21f132d77995ad3d356fa02fe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

urlmon

winipsec

avifil32

Sections

.edata Size: 5KB - Virtual size: 5KB

.icode Size: 14KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 16KB

.l Size: 107KB - Virtual size: 149KB

.data Size: 7KB - Virtual size: 331KB

.unIsec Size: 112KB - Virtual size: 166KB

.rsrc Size: 7KB - Virtual size: 6KB

.edata
Size: 5KB - Virtual size: 5KB

.icode
Size: 14KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 16KB

.l
Size: 107KB - Virtual size: 149KB

.data
Size: 7KB - Virtual size: 331KB

.unIsec
Size: 112KB - Virtual size: 166KB

.rsrc
Size: 7KB - Virtual size: 6KB