b20779965bc495267fced03a7b6b427a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b20779965bc495267fced03a7b6b427a_JaffaCakes118
Size

208KB
MD5

b20779965bc495267fced03a7b6b427a
SHA1

0fc4774a489ed5462f182ceec705b8745dd3fb3e
SHA256

57f83cb466a0203fa61186cfeeb915781374903cdac51775adc4f8b95c5a0e98
SHA512

8aaaf38824b8a5ef4217412ded8aaef70aaabb5a212a39376ae88ec12cc68258fc0c3bd527fbcb1747a5bd323f5f8f81df04a0d2808cb1b5d5226d50a07da3a9
SSDEEP

3072:JYUiyCyekF7LzJM8+ED4a6rR8kPzVkBmcafm5yPRD7kEq/H6Z7tGeowxqPu:JPMyeSpM8+U4R3zVkBmvKyJEEqPS7j9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b20779965bc495267fced03a7b6b427a_JaffaCakes118

Files

b20779965bc495267fced03a7b6b427a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49fa2ca8c3dcff0b08ced6fa8642e103

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DoEnvironmentSubstW
DragAcceptFiles
DragQueryFileA
DragQueryFileW
ExtractIconA
ExtractIconW
SHBrowseForFolder
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteExA
ShellExecuteW

kernel32

CreateMutexA
CreateProcessA
FlushFileBuffers
GetDiskFreeSpaceA
GetFileSize
GetProcessHeap
GetStringTypeA
GetSystemInfo
GlobalFree
GlobalLock
InterlockedExchange
IsBadWritePtr
OutputDebugStringA
ReadFile
SetUnhandledExceptionFilter
TerminateThread
UnhandledExceptionFilter
WaitForSingleObject
WritePrivateProfileStringA

gdi32

BitBlt
CreateBrushIndirect
CreateDIBPatternBrushPt
CreateHalftonePalette
CreatePen
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
EndDoc
ExtCreateRegion
GetEnhMetaFileDescriptionA
GetEnhMetaFileHeader
GetNearestPaletteIndex
GetSystemPaletteEntries
GetTextMetricsA
GetViewportOrgEx
GetWinMetaFileBits
InvertRgn
LPtoDP
OffsetViewportOrgEx
RectInRegion
Rectangle
RemoveFontResourceA
ScaleWindowExtEx
SetColorAdjustment
SetPixel
SetWindowOrgEx
SetWorldTransform
UnrealizeObject

user32

DefWindowProcA
DestroyCursor
GetCursorPos
GetSubMenu
IsIconic
OffsetRect
RemovePropA
SetCursor
SetWindowTextA
ShowOwnedPopups

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

2CSewqKR
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

49fa2ca8c3dcff0b08ced6fa8642e103

Headers

File Characteristics

Imports

shell32

kernel32

gdi32

user32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

2CSewqKR Size: 1024B - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

2CSewqKR
Size: 1024B - Virtual size: 120KB