bdf4a30a17214129cd6e6ae9930746c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bdf4a30a17214129cd6e6ae9930746c8_JaffaCakes118
Size

213KB
MD5

bdf4a30a17214129cd6e6ae9930746c8
SHA1

413edcb8b56e4ab42aefb07e70cca18dc562c39b
SHA256

7c3806027185c35a86036e37b73d69a44d57d49ab911a38c24bae7d4dcd96f31
SHA512

dfdeaa29f483712c56c7187e2ca5c2b00beb34936f1d7bf5f782ce3d161eb4929d254b4a80581368cb8066f55474b0f9cdd7a6850874cdc3a3b17606d395de09
SSDEEP

3072:KR1CIqUzlHOkFzTJo/mXChyryy98yhFrIJRafNDyXIVor1SsMDk5kRnk2Kk3SVsO:K7CIrzlxTjMyvi0N8+ZsMDk5z/kCz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdf4a30a17214129cd6e6ae9930746c8_JaffaCakes118

Files

bdf4a30a17214129cd6e6ae9930746c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f95d20649c06a367c30d12b3629c5241

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
CreateStatusWindowA
ImageList_AddMasked
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_SetOverlayImage
InitCommonControls
InitCommonControlsEx

kernel32

CreateFileA
CreateProcessW
DeleteFileW
FileTimeToLocalFileTime
FormatMessageA
GetFileSize
GetModuleHandleA
GetOEMCP
IsBadReadPtr
LoadLibraryExA
MulDiv
SetFilePointer
SetFileTime
SetThreadPriority
TlsFree
VirtualFree
VirtualQuery
WritePrivateProfileStringA

shell32

DragAcceptFiles
DragQueryFileW
ExtractAssociatedIconW
ExtractIconExA
ExtractIconExW
ExtractIconW
SHBindToParent
SHBrowseForFolderW
SHCreateDirectoryExW
SHFileOperationA
SHGetFileInfo
SHGetPathFromIDListW
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteEx
Shell_NotifyIconW

user32

CharLowerA
DeleteMenu
DestroyWindow
DialogBoxParamA
DrawIcon
EnableWindow
EnumThreadWindows
GetForegroundWindow
GetMenuStringA
GetMessageA
GetMessagePos
GetParent
GetSysColorBrush
GetWindowLongA
InvalidateRect
IsIconic
IsWindow
RegisterWindowMessageA
RemovePropA
SendMessageA
SetCapture
SetWindowLongA
ShowOwnedPopups
TrackPopupMenu
WinHelpA

gdi32

AddFontResourceA
CreateBrushIndirect
CreateEnhMetaFileA
CreateFontIndirectW
EndDoc
EnumEnhMetaFile
EnumMetaFile
Escape
ExtSelectClipRgn
GetBrushOrgEx
GetObjectW
GetTextCharsetInfo
GetTextColor
GetTextExtentPointW
GetTextMetricsA
GetViewportOrgEx
GetWinMetaFileBits
PtVisible
Rectangle
SetDIBColorTable
SetROP2
SetWindowOrgEx

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tDJC1e8U
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f95d20649c06a367c30d12b3629c5241

Headers

File Characteristics

Imports

comctl32

kernel32

shell32

user32

gdi32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

tDJC1e8U Size: 2KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

tDJC1e8U
Size: 2KB - Virtual size: 120KB