aeaf2eb6dc3c43d0b6bf08d80d44ff47_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aeaf2eb6dc3c43d0b6bf08d80d44ff47_JaffaCakes118
Size

235KB
MD5

aeaf2eb6dc3c43d0b6bf08d80d44ff47
SHA1

f313bea643dc8f111c1e033178532b6226ebfcd9
SHA256

d608660c0d872508cbda7a73b3c9a16e7afb1f4af6fa4a7791ee576d677dfa16
SHA512

962d1eb3f221fece0ffea3f54e0967e6642312e7404a1d84f4066648a1bbb3cedfc1a8a82492553deed7d5d63387d151b48c57763024d63405054c962d570b38
SSDEEP

3072:K4247W/z0g0b5gz+MJCekXeQLDuXFQ8IR+uj4+MlDfksx0l56PNDemxQWZBnLq:z24Cb+jMzkXbLDoQwuj4dDf+/+Zz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aeaf2eb6dc3c43d0b6bf08d80d44ff47_JaffaCakes118

Files

aeaf2eb6dc3c43d0b6bf08d80d44ff47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e31550e0195ddf3595c3e83fe721fde4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord6
ord17

winmm

PlaySoundA

user32

CreateWindowExA
TranslateMessage
RegisterClassA
DispatchMessageA
FindWindowA
GetMessageA
GetSystemMetrics
SendMessageA
ShowWindow
RegisterHotKey
LoadIconA
CheckMenuItem
LoadCursorA
DefWindowProcA
InvalidateRect
DestroyWindow
SetWindowLongA
SetFocus
PostQuitMessage
GetDlgItem
MoveWindow
EndDialog
DrawTextA
GetSysColor
GetMenuState
GetSysColorBrush
GetDlgItemInt
SetCursor
FillRect
SetDlgItemInt
DialogBoxParamA
GetDC
ReleaseDC
CallWindowProcA
MessageBeep
GetParent
EndPaint
BeginPaint
GetClientRect
SendDlgItemMessageA
MessageBoxA
SetWindowTextA
GetWindowRect
GetWindowTextA
InvalidateRgn
GetMenu
UpdateWindow

gdi32

Rectangle
GetTextExtentPoint32A
CreateFontA
SetROP2
CombineRgn
SetTextColor
SetBkColor
PtInRegion
SelectObject
CreateRectRgnIndirect
CreatePen
CreateSolidBrush
MoveToEx
LineTo
CreateRectRgn
Ellipse
CreateEllipticRgn
GetRgnBox
DeleteObject

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA

kernel32

SetEnvironmentVariableA
HeapReAlloc
CloseHandle
FlushFileBuffers
CompareStringA
LCMapStringA
SetStdHandle
LCMapStringW
VirtualAlloc
HeapAlloc
LoadLibraryA
GetStringTypeW
GetStringTypeA
HeapFree
GetLastError
WriteFile
SetFilePointer
VirtualFree
HeapCreate
RtlUnwind
GetFileType
GetStdHandle
HeapDestroy
GetOEMCP
GetACP
SetHandleCount
WideCharToMultiByte
GetEnvironmentStringsW
GetCPInfo
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
TerminateProcess
ExitProcess
GetCurrentProcess
CompareStringW
GetProcAddress
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetLocalTime
GetSystemTime
GetTimeZoneInformation

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e31550e0195ddf3595c3e83fe721fde4

Headers

File Characteristics

Imports

comctl32

winmm

user32

gdi32

advapi32

shell32

kernel32

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 20KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 165KB - Virtual size: 165KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 20KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 165KB - Virtual size: 165KB