b6bdc60e9050686658b12ce6fb29dd47_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6bdc60e9050686658b12ce6fb29dd47_JaffaCakes118
Size

241KB
MD5

b6bdc60e9050686658b12ce6fb29dd47
SHA1

5f9cc8095d04d5d8e8b0ddf536b67f65a626ae49
SHA256

6d8059dbcf7cff932b78904a599734fad3d5acd573d03bad9b884fc8f9ccdd0f
SHA512

c7a36172a0f828154b7cada61fd7cabddebee464d24f1eb00854cf92bd712778e77262aae0e2709c18351d23a3c103fc73f55c13e0eef1551df93ab92cc2c311
SSDEEP

6144:6+tQZ0YFHIE7FR6Yp9ZJqV+D7MeQMwU+4jB:6QQ3oE36a9ZJ/seQMwU+q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6bdc60e9050686658b12ce6fb29dd47_JaffaCakes118

Files

b6bdc60e9050686658b12ce6fb29dd47_JaffaCakes118
.exe windows:5 windows x86 arch:x86

49afc8e17b79dcf872a9372d19fefd90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadBitmapA
FrameRect
CharToOemA
SetDlgItemInt
DialogBoxParamW
CopyImage
GetWindow
MonitorFromRect
ShowScrollBar
GetWindowLongA
GetDialogBaseUnits
FindWindowW
ScreenToClient
IsDialogMessageW
SetDlgItemTextW
GetActiveWindow
ShowWindow
EnumThreadWindows
ScrollWindow
GetSubMenu
RegisterClassW
CharNextA
PostThreadMessageW
DialogBoxIndirectParamW
AppendMenuW
FindWindowA
DestroyWindow
CreateDialogParamW
AllowSetForegroundWindow
TranslateAcceleratorW
OemToCharBuffA
DrawIconEx
DefFrameProcW
RegisterWindowMessageA
ArrangeIconicWindows
ValidateRect

gdi32

SetBkColor
RectInRegion
UnrealizeObject
GetTextCharsetInfo
GetViewportOrgEx
PolyBezier
ExtFloodFill
GetPixel
GetPaletteEntries
StartDocW
SelectPalette
SetStretchBltMode
Rectangle
AddFontResourceW
GetWindowOrgEx
GetTextExtentPointW
CreateICW

kernel32

GetLocalTime
ClearCommBreak
GetFileAttributesW
GetDateFormatA
FormatMessageA
SetFileApisToOEM
RaiseException
GetModuleFileNameA
SetFilePointer
GetSystemTimeAdjustment
GetFileType
CompareStringW
VirtualProtect
FindNextChangeNotification
DeleteAtom
GetPriorityClass
GetLastError
GetSystemDefaultUILanguage

comdlg32

ReplaceTextW
ChooseFontW
PageSetupDlgW

Exports

Exports

?KDLJKUIOFDuioYUFKyIFYFIUIFUJHFhjkfd@@YGKEPA_WG@Z

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmem
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49afc8e17b79dcf872a9372d19fefd90

Headers

File Characteristics

Imports

user32

gdi32

kernel32

comdlg32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.qdata Size: 12KB - Virtual size: 12KB

.vmem Size: - Virtual size: 108KB

.data Size: 2KB - Virtual size: 2KB

.ndata Size: 91KB - Virtual size: 91KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 132KB - Virtual size: 131KB

.qdata
Size: 12KB - Virtual size: 12KB

.vmem
Size: - Virtual size: 108KB

.data
Size: 2KB - Virtual size: 2KB

.ndata
Size: 91KB - Virtual size: 91KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB