ce876d05dfd2a21a5fbf94a4f2a0abc1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ce876d05dfd2a21a5fbf94a4f2a0abc1_JaffaCakes118
Size

164KB
MD5

ce876d05dfd2a21a5fbf94a4f2a0abc1
SHA1

2ee08541af89fbabcd08dac579e5bbc967b75247
SHA256

621bf1fcd9ea78d3f8daed58bb170048ef7cc95f8ac4ba0be490dc2a8b043101
SHA512

5594a76dfbfe5bcc02eee1f8d94c9cbcbb490b5f2b39faedea35cc7f2fe08eb1780b1116159b3ca547a8e000e3af809d7071618d9b1d1b1560f760eee1c97288
SSDEEP

1536:/nkxJ9B4wo2pg0D9no4U9Emdn41Cg+E8gQiHf2gtI0cHf:m7B/+cnm9Emdn41Cg+E8Qd60

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce876d05dfd2a21a5fbf94a4f2a0abc1_JaffaCakes118

Files

ce876d05dfd2a21a5fbf94a4f2a0abc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c417036c78d9056e580471b03498419c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
LoadMenuA
GetCursor
GetDC
BlockInput
CopyIcon
DrawIconEx
CalcMenuBar
GetMenu
AppendMenuW
AlignRects
IsMenu
CreateIcon
AppendMenuA
DrawTextW
DrawTextA
CopyRect
CloseWindow
EndDialog
LoadCursorA

comctl32

ImageList_AddIcon
ImageList_Create
ImageList_Copy
ImageList_DragEnter
ImageList_DragLeave
ImageList_Remove
ImageList_ReplaceIcon
ImageList_GetDragImage
ImageList_Destroy
ImageList_GetIcon
ImageList_Draw
ImageList_DrawEx
ImageList_AddMasked
ImageList_LoadImage
ImageList_GetIconSize
ImageList_Merge
ImageList_Read
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_DragShowNolock
ImageList_GetImageRect
ImageList_EndDrag
ImageList_GetImageRect
ImageList_AddIcon
ImageList_LoadImageA
ImageList_Create
ImageList_GetImageCount
ImageList_Merge
ImageList_DragMove
ImageList_GetIconSize
ImageList_DragLeave
ImageList_LoadImageW
ImageList_DragEnter
ImageList_ReplaceIcon
InitCommonControls
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_Destroy
ImageList_Replace

kernel32

DeleteFileW
WriteFile
DeleteAtom
FindFirstFileA
ExitThread
GetStdHandle
SetLastError
CreateThread
GetCPInfo
Sleep
FindAtomA
CopyFileA
ReadConsoleA
CopyFileExA
GetFileSize
ReadFile
DeleteFileA
GetCommandLineA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 178B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c417036c78d9056e580471b03498419c

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 5KB

.edata Size: 8KB - Virtual size: 4KB

.data Size: 116KB - Virtual size: 4.8MB

.tls Size: 4KB - Virtual size: 178B

.rdata Size: 4KB - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 5KB

.edata
Size: 8KB - Virtual size: 4KB

.data
Size: 116KB - Virtual size: 4.8MB

.tls
Size: 4KB - Virtual size: 178B

.rdata
Size: 4KB - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 11KB