c9597478093899c20e9317f1c0df66a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c9597478093899c20e9317f1c0df66a7_JaffaCakes118
Size

131KB
MD5

c9597478093899c20e9317f1c0df66a7
SHA1

8d22ef2f25a406ce4445e0b8f2bea565fe5f9b76
SHA256

186e4f174a153f895a38888eecfe9a592e5aef9baa4a7e71d07d5eaca04a3fdf
SHA512

6628aaece33210e0f01dbbdd53933484e2cd82cdd097333d1ed2fdefb294e7c5966c2e4f1ea57cf93bfbe49b6aaa4a67f5ec9b5a5e3ca1ef968887154ef5304a
SSDEEP

3072:yXWvzzGGggnkXPy+5QKYq5XEz3IkNq+I4DiDpQPpQy:yWPagcy4aUnQq+I4DiVQPpP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9597478093899c20e9317f1c0df66a7_JaffaCakes118

Files

c9597478093899c20e9317f1c0df66a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c3876d428fad0cf93eaef8613a8d23c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyWindow
SetMenu
ClientToScreen
UnhookWindowsHookEx
MessageBoxA
CharUpperBuffA
ChildWindowFromPoint
GetDCEx
GetIconInfo
EnumChildWindows
SetFocus
GetWindowDC
LoadBitmapA
GetFocus
CheckMenuItem
GetMenu
SetForegroundWindow
GetScrollInfo
FrameRect
SetScrollPos
DrawAnimatedRects
wsprintfA
GetKeyboardLayoutNameA
GetWindowTextA
GetScrollPos
ReleaseCapture
DrawFrameControl
LoadIconA
GetClipboardData
IsZoomed
GetKeyboardLayout
SetScrollRange
RemoveMenu
GetWindow
MsgWaitForMultipleObjects
GetDlgItem
GetKeyboardLayoutList
MoveWindow
DeleteMenu
SystemParametersInfoA
GetKeyNameTextA
CloseClipboard
EnumThreadWindows
IsWindowUnicode
DispatchMessageW
DefMDIChildProcA
GetMenuState
GetTopWindow
RemovePropA
GetWindowLongW
GetDC
GetClassNameA
InflateRect
AdjustWindowRectEx
DestroyMenu
IsWindowVisible
ShowWindow
CallWindowProcA
GetKeyState
TranslateMessage
PostMessageA
SetWindowPlacement

shell32

Shell_NotifyIconW
SHGetFolderPathA

kernel32

MoveFileA
HeapFree
VirtualAllocEx
GetLastError
ExitProcess
SetEvent
InitializeCriticalSection
CloseHandle
VirtualQuery
RaiseException
GetModuleHandleA
ResetEvent
GetThreadLocale
LoadLibraryA
GetCurrentThreadId
LocalReAlloc
MulDiv
GetProcessHeap
LoadLibraryExA
LocalAlloc
lstrcmpA
MoveFileExA
CreateFileA
IsBadReadPtr

Exports

Exports

_JbBGPGy@20
gyOx1LAMj2X9B@8
_zMqVS@20
_niJDAj@12
2aRK2HlcFk8@20
_0dR93JKw
_y5zhPTofu@8
_5X3M2I9uX@20
ZgSSIZ3l@24
_Pu4W06A
_uhxDb6SO0

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 102KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c3876d428fad0cf93eaef8613a8d23c

Headers

File Characteristics

Imports

user32

shell32

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 11KB - Virtual size: 10KB

.bss Size: 102KB - Virtual size: 206KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 11KB - Virtual size: 10KB

.bss
Size: 102KB - Virtual size: 206KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB