bea8a6a1082055c60d43a7a669a33e8f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bea8a6a1082055c60d43a7a669a33e8f_JaffaCakes118
Size

213KB
MD5

bea8a6a1082055c60d43a7a669a33e8f
SHA1

2c2ef30f2baa1960d935fe733fe3aa499d74a60b
SHA256

e927b2ed7c649f04bfc812cc54a4c0bf07483d280deebc1aa115f902966ed013
SHA512

ee4969e652ab5f3b39185dda8036edbc9ed9d0aa37a4c927bfed65f11a98cd668d3d135e542732f5118761e9bb0af274929d8285b54087b18a22e92683fabf67
SSDEEP

3072:EGmSJITZfR1ZlzlFlChJXjd6E57Y5DeZ75QHoCgoXeM1KbZnP43tQ/dd2+jgrZRR:ESUZzrqddD7YBxeM1KbXEwM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bea8a6a1082055c60d43a7a669a33e8f_JaffaCakes118

Files

bea8a6a1082055c60d43a7a669a33e8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

096c20657a18c531e085f4ccfcff2528

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
DeleteCriticalSection
GetFileSize
GetStringTypeA
GetTempFileNameA
GetTempPathW
GlobalReAlloc
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByte
LocalFileTimeToFileTime
SetUnhandledExceptionFilter

gdi32

CreateBrushIndirect
CreateCompatibleDC
CreateDIBSection
CreateFontA
CreateRectRgnIndirect
DPtoLP
GetEnhMetaFilePaletteEntries
GetViewportExtEx
Pie
RestoreDC
SetRectRgn

comctl32

CreateToolbarEx
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_DrawEx
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetImageCount
ImageList_Write
InitCommonControls
PropertySheetA

shell32

CommandLineToArgvW
DoEnvironmentSubstW
DragAcceptFiles
DragQueryFileW
ExtractIconExA
ExtractIconW
SHAppBarMessage
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExA
SHFileOperationW
SHGetDiskFreeSpaceExW
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetPathFromIDList
SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellExecuteExA
ShellExecuteExW
Shell_NotifyIconA

user32

CharNextA
CreatePopupMenu
DestroyIcon
DestroyWindow
EmptyClipboard
GetCapture
GetCursorPos
GetIconInfo
GetKeyboardType
GetScrollInfo
GetScrollRange
GetTopWindow
GetWindowThreadProcessId
IsRectEmpty
MapWindowPoints
OpenClipboard
PostMessageA
SetCapture
SetScrollInfo
SetScrollRange
TrackPopupMenu
WaitMessage

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UMayn4jS
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

096c20657a18c531e085f4ccfcff2528

Headers

File Characteristics

Imports

kernel32

gdi32

comctl32

shell32

user32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

UMayn4jS Size: 2KB - Virtual size: 120KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

UMayn4jS
Size: 2KB - Virtual size: 120KB