be20b8552305a2af64792fe8a3709cfc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be20b8552305a2af64792fe8a3709cfc_JaffaCakes118
Size

118KB
MD5

be20b8552305a2af64792fe8a3709cfc
SHA1

98a8ef12be73815d72539b98fbf35cb841cc7967
SHA256

84da9aa87ee928649c3effcd750bfcc09589b5fd8339fe02e2d62ac368ea631a
SHA512

ce6d9fc9c19da9acda526268280d649d92f131059d176f8280495cd134ada6074899c550798ec9dffbcc9154f3ea510f10bff2dcfee69cf218bc3ba2bbe22f33
SSDEEP

3072:779cdTCBPcp4NGEFqu8xJztpg25m9YGrUb:X9MAYaqnzQh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be20b8552305a2af64792fe8a3709cfc_JaffaCakes118

Files

be20b8552305a2af64792fe8a3709cfc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

91bcccf0e3172c656323fcfe506b4314

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginDeferWindowPos
PostThreadMessageA
GetClassLongA
FindWindowA
CheckMenuRadioItem
GetMenuItemCount
GetActiveWindow
LoadStringW
GetClassInfoExW
RemovePropW
MapVirtualKeyExW
InflateRect
MessageBoxA
InternalGetWindowText
DrawAnimatedRects
LockWindowUpdate
SystemParametersInfoW
DrawStateW
RedrawWindow
PostQuitMessage
EndDialog
DialogBoxParamW
GetDC
HideCaret
EnableWindow
RegisterClassExW
GetClassInfoW
WaitMessage
GetClassInfoExA
SwitchToThisWindow

shlwapi

StrSpnW
UrlGetPartW
StrCmpW

ntdll

memset

gdi32

CreateDiscardableBitmap
DeleteObject
SetTextAlign
GetTextAlign
CreateHatchBrush
RectInRegion
CreateFontIndirectA
GetTextColor
SaveDC
GetObjectW
CreateDCW
WidenPath
RoundRect
GetTextCharsetInfo

comdlg32

PrintDlgW
ChooseColorW
FindTextW
GetOpenFileNameA
GetFileTitleW

kernel32

AreFileApisANSI
IsDBCSLeadByte
lstrlenW
IsDBCSLeadByteEx
SetCommBreak
CreateEventW
GetCurrentProcessId
UnmapViewOfFile
EnumSystemLocalesA
lstrcatA
FindClose
GetSystemDefaultUILanguage
WaitForDebugEvent
GetFullPathNameW
WaitForMultipleObjects
SetFileTime
GetOEMCP
lstrcpyA

Exports

Exports

?zosrPRWCQFPOge@@YGGE_N@Z

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91bcccf0e3172c656323fcfe506b4314

Headers

File Characteristics

Imports

user32

shlwapi

ntdll

gdi32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 76KB

.idata Size: 7KB - Virtual size: 6KB

.data Size: 25KB - Virtual size: 149KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 76KB

.idata
Size: 7KB - Virtual size: 6KB

.data
Size: 25KB - Virtual size: 149KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB