af6f96a5e20cabbb166a69fe2e9d39f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af6f96a5e20cabbb166a69fe2e9d39f9_JaffaCakes118
Size

138KB
MD5

af6f96a5e20cabbb166a69fe2e9d39f9
SHA1

49c4fada461134c97440249dfbf5d5d02fe7b06c
SHA256

1d68e584249cca3ad7ec636a24b7f285ab7006728e1fc6dc200414f95feb430b
SHA512

e07b9b4624a2eba39d1e05519ce4a9f09f90e8e7db19426f3b6fc7cbc8fce74262f62b6963ed07ff1832751503b026d33062fd6ad809e89504710388b315340f
SSDEEP

3072:3Ant/qnz+wqqdXv2+JO1VwKA+gpoZjWic1:3bKqXpO1Vr7gmZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af6f96a5e20cabbb166a69fe2e9d39f9_JaffaCakes118

Files

af6f96a5e20cabbb166a69fe2e9d39f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a30cf7ed89a94f9b0f66e825404ebb53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
DeleteFileA
LocalFree
ExitProcess
ReadFile
GetLastError
VirtualAllocEx
SetFilePointer
SizeofResource
LockResource
GetStdHandle
LoadLibraryExA
GetOEMCP
GetTempPathA
GetFileAttributesA
LoadLibraryA
GlobalAlloc
GetProcAddress
GetStartupInfoA
GetEnvironmentStrings
LocalAlloc
GetLocaleInfoA
ResetEvent

user32

EnableScrollBar
LoadStringA
GetMenuItemInfoA
InsertMenuA
SetPropA
GetTopWindow
TranslateMDISysAccel
ReleaseDC
GetCursorPos
SetScrollRange
LoadCursorA
GetMenu
LoadIconA
LoadBitmapA
DestroyIcon
SetWindowPos
CreatePopupMenu
CharLowerA
UnregisterClassA
GetDlgItem
GetClassLongA
DrawTextA
GetClassNameA
PostMessageA
FindWindowA
GetSystemMetrics
CharLowerBuffA
InsertMenuItemA
IsRectEmpty
GetParent
UnhookWindowsHookEx
OpenIcon
GetActiveWindow
IsWindowUnicode
GetKeyboardType
GetCapture
GetMenuState
CallWindowProcA
SetMenuItemInfoA
DestroyMenu
wsprintfA
IsMenu
ShowWindow
IsWindow
EndPaint
GetMenuItemID
DrawMenuBar
CharNextA
DestroyWindow
TranslateMessage
GetWindowTextA
SendMessageA
GetMessagePos
SetScrollPos
EndDialog
IntersectRect
CallNextHookEx
GetWindowLongA
IsDialogMessageA
DispatchMessageW
SetRect
ActivateKeyboardLayout
SetWindowsHookExA
GetClassInfoA

advapi32

RegLoadKeyA
RegDeleteValueA
GetLengthSid
RegDeleteKeyA

gdi32

GetDIBColorTable
GetTextColor
CreateDIBSection
CreatePenIndirect

Exports

Exports

_6pEaV7vzqGfBz
_GkZ9Rm9Xo
DC4mfD4O@8
wmgLTzO@20
9_wgVNn8dc
_ve6V69NzU6bYZi@12
_369onSp_CwG40@16
_GGAX940nPfI@12
_jErfD5twOZa
53QHg
_19iDiG

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.acdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a30cf7ed89a94f9b0f66e825404ebb53

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 9KB - Virtual size: 125KB

.data Size: 102KB - Virtual size: 102KB

.edata Size: 1KB - Virtual size: 1KB

.acdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 9KB - Virtual size: 125KB

.data
Size: 102KB - Virtual size: 102KB

.edata
Size: 1KB - Virtual size: 1KB

.acdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB