a0f816b85e2f348ee8bd42bb7a286b71_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0f816b85e2f348ee8bd42bb7a286b71_JaffaCakes118
Size

36KB
MD5

a0f816b85e2f348ee8bd42bb7a286b71
SHA1

d02edef37f36a09bb5fb3f0880233ad23f4cd0ef
SHA256

d82fc56ac8644d286598ce80629d1db62d5a754e7a07aa9bbf22a15b2910158a
SHA512

3534a664bd899eb012a7fabd8de6de45172c63a0d833529dd28b7f6f2a77d64194476a5cc2e9418d653dea2602ff8b643759a85bc07113dc84d918f71780750b
SSDEEP

384://4TTw/y6h2H7y2ClTvyMBkv0n8Xq+Kyj+mAAGdfJKG29fmUSSKr+:n4TJO2Hm2CUC8ZjSVJKG2MPSy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0f816b85e2f348ee8bd42bb7a286b71_JaffaCakes118

Files

a0f816b85e2f348ee8bd42bb7a286b71_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b5b61fce1789adba2ff22bb8821477f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

StrRChrA
StrCmpNIA

kernel32

GlobalDeleteAtom
WaitForMultipleObjects
FindFirstChangeNotificationA
HeapReAlloc
LocalFree
WideCharToMultiByte
DisableThreadLibraryCalls
lstrcmpA
CloseHandle
GetModuleFileNameA
lstrcmpiA
lstrcpyA
CreateThread
CreateMutexA
CreateEventA
TerminateThread
WaitForSingleObject
SetEvent
ReleaseMutex
FindClose
FindNextFileA
FindFirstFileA
FindCloseChangeNotification
HeapAlloc
GetCurrentThreadId
GetProcessHeap
GlobalAddAtomA
LockResource
LoadResource
SizeofResource
FindResourceA
FreeResource
HeapFree
CreateFileA
ReadFile
GetProcAddress
LoadLibraryA
GetLastError
FreeLibrary
MultiByteToWideChar
GetTempFileNameA
GetTempPathA

user32

DeleteMenu
GetWindow
RemoveMenu
GetMenuStringA
PostMessageA
GetParent
EnableMenuItem
SetMenuItemInfoA
WaitForInputIdle
GetDesktopWindow
GetMenuItemCount
GetMenuItemID
CreatePopupMenu
AppendMenuA
SetWindowLongA
IsWindowUnicode
SetPropA
RemovePropA
GetSubMenu
ScreenToClient
CallWindowProcA
CallWindowProcW
SendMessageA
IsWindow
GetWindowLongA
GetClassNameA
EnumThreadWindows
GetMenuItemRect
SetRectEmpty
WindowFromPoint
GetCursorPos
PtInRect
wvsprintfA
InsertMenuItemA
GetMenuItemInfoA
LoadMenuA
EnumChildWindows
ClientToScreen
GetPropA
ChildWindowFromPoint
DefWindowProcA
DestroyMenu

oleaut32

VariantChangeType
VariantCopy
VariantInit
SysAllocStringLen
SysFreeString

shell32

SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteExA
SHGetPathFromIDListA

Exports

Exports

CreateFilter
DestroyFilter

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5b61fce1789adba2ff22bb8821477f7

Headers

File Characteristics

Imports

version

shlwapi

kernel32

user32

oleaut32

shell32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 416B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 896B

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 416B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 896B