be8ce7e1c596c5786dbfc5d40baa3c81_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

be8ce7e1c596c5786dbfc5d40baa3c81_JaffaCakes118
Size

139KB
MD5

be8ce7e1c596c5786dbfc5d40baa3c81
SHA1

deaf3c33985ce2450e9952c6dad5297ef786297b
SHA256

2e249dcaf5fdf1d0da6275b3d4aabc8de2e5de260fc25cd539427e8d28bd2d46
SHA512

5e9554cca74e1f629e0f1cccee1befdb31a29b9fbd410d97f115b0d15fb3edc4b0da97f97b540a34a299a42b3fa5bba66e12ae5fefa85d2fc0d43f0305885dd2
SSDEEP

3072:OSRIErv2rVpKpRaFhDwNwExQuxxDxmzrp9:OsIBVE2hboxx6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be8ce7e1c596c5786dbfc5d40baa3c81_JaffaCakes118

Files

be8ce7e1c596c5786dbfc5d40baa3c81_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0da08fb2165a726da5e38d787d0daeb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetIconInfo
FindWindowA
GetActiveWindow
GetClassInfoA
IsDialogMessageW
GetKeyboardLayout
SetScrollRange
IsWindowEnabled
LoadCursorA
DrawIconEx
SendMessageW
CharUpperBuffA
LoadBitmapA
CharNextW
TrackPopupMenu
CallNextHookEx
SystemParametersInfoA
InsertMenuA
SetFocus
SetClipboardData
GetWindow
InflateRect
IsMenu
GetFocus
GetSystemMetrics
GetDC
GetKeyboardState
IsChild
SetRect
DrawAnimatedRects
GetScrollRange
RegisterClassA
GetKeyboardType
GetWindowDC
GetWindowLongW
OffsetRect
InvalidateRect
IsWindow
wsprintfA
GetScrollInfo
EnableWindow
GetSystemMenu
SetMenu
CharLowerA
IsIconic
PeekMessageA
GetSysColor
SetParent
IsDlgButtonChecked
EndDialog
SetForegroundWindow
GetWindowTextLengthA
SetCursor
CharNextA
MessageBeep
LoadStringA
FillRect
ReleaseDC
GetMenu
GetPropA
SetMenuItemInfoA
GetWindowRect

kernel32

IsBadReadPtr
GetCurrentThread
ExitProcess
SetThreadLocale
CompareStringA
GetFileSize
SetFilePointer
GetModuleFileNameA
FreeLibrary
GetCurrentProcess
VirtualAllocEx
FindClose
GlobalAlloc
CreateEventA
HeapAlloc
GetStringTypeW
LocalAlloc
GetCurrentProcessId
GetStdHandle
LoadLibraryA
GlobalDeleteAtom
GetProcessHeap

ole32

CoRevokeClassObject
OleRegGetUserType
CoCreateFreeThreadedMarshaler
CoUnmarshalInterface
StringFromIID
CoGetMalloc
GetHGlobalFromStream

Exports

Exports

__5GOvW@4
_daAXhcTG8m@20
_bo1yCF@20

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0da08fb2165a726da5e38d787d0daeb8

Headers

File Characteristics

Imports

user32

kernel32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 11KB - Virtual size: 114KB

.adata Size: 105KB - Virtual size: 105KB

.edata Size: 2KB - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 11KB - Virtual size: 114KB

.adata
Size: 105KB - Virtual size: 105KB

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 8KB