c8887fb63d7b160e50d375e78f664fe5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8887fb63d7b160e50d375e78f664fe5_JaffaCakes118
Size

25KB
MD5

c8887fb63d7b160e50d375e78f664fe5
SHA1

17fe8cbe0d107b14734a10f1dd88fa3d8273515a
SHA256

ac7989de30ba3d7f6ec79b5f44a0b0b40eaadb902051038a1828ec3580071533
SHA512

59df5f81f61c88ab1da004ee025c664d255b3aa670b8a5d104c966621aa2f302a9ea3f3353f6a0fbfbd4016b9541c1bfb6f3296dd95a0412ecf4a62dd9760208
SSDEEP

384:R7nfnNSNu6V+62AxkfUH6qrdfgsoxtsEOwZSl3RIrY7W2tulRum6SJkM:9fnNv6pkfUfdO49wZ65tWYSJkM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8887fb63d7b160e50d375e78f664fe5_JaffaCakes118

Files

c8887fb63d7b160e50d375e78f664fe5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73e63fa744fc6e6439e2f82d27d746ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcmpiW
LeaveCriticalSection
GetProcAddress
lstrlenW
GetVersion
lstrcmpW
LoadResource
SizeofResource
GetCurrentThreadId
GetModuleHandleA
GlobalAlloc
GetSystemDirectoryW
VirtualAlloc
GlobalFree
GetProfileStringW
GlobalAddAtomW
GlobalDeleteAtom
GetModuleFileNameW
GetEnvironmentVariableW
EnterCriticalSection
FindResourceW

ws2_32

WSAGetLastError

gdi32

CreateDIBitmap
SetBkMode
SelectObject
IntersectClipRect
BitBlt
SetTextColor
DeleteObject
CreateSolidBrush
ExtTextOutW
PatBlt
GetTextExtentPointW
GetDeviceCaps
CreateCompatibleDC
DeleteDC
SetBkColor

adsldpc

ADsFreeColumn

ntdll

NtFindAtom

user32

ClientToScreen
SetWindowsHookExW
GetClientRect
CharNextW
GetDC
GetClassNameW
GetWindowRect
DefWindowProcW
CharPrevW
BeginPaint
IsWindowEnabled
IsIconic
RemovePropW
DrawTextW
GetWindowTextW
SendMessageW
GetWindowLongW
ValidateRect
InvalidateRect
SetWindowLongA
IsWindowUnicode
UnhookWindowsHookEx
ShowCaret
IntersectRect
OffsetRect
GetSystemMetrics
GetFocus
ExcludeUpdateRgn
GetPropW
GetWindowDC
CallNextHookEx
ReleaseDC
EndPaint
GetClassInfoW
MapWindowPoints
SetWindowLongW
GetParent
SetPropW
CallWindowProcW
DrawFocusRect
HideCaret
InflateRect
GetSysColor
DefDlgProcW
ScreenToClient
GetWindowTextLengthW
MessageBoxA
GetWindow

Sections

.textbss
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73e63fa744fc6e6439e2f82d27d746ee

Headers

File Characteristics

Imports

kernel32

ws2_32

gdi32

adsldpc

ntdll

user32

Sections

.textbss Size: - Virtual size: 96KB

.text Size: 512B - Virtual size: 440B

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 216B

.idata Size: 23KB - Virtual size: 22KB

.textbss
Size: - Virtual size: 96KB

.text
Size: 512B - Virtual size: 440B

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 216B

.idata
Size: 23KB - Virtual size: 22KB