d1a397bac1a73c79da4086a5b5e4fe8c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1a397bac1a73c79da4086a5b5e4fe8c_JaffaCakes118
Size

151KB
MD5

d1a397bac1a73c79da4086a5b5e4fe8c
SHA1

93125bfc3de51faa1b541d5b3d61b7753a4cd8be
SHA256

384c9e3d7cbb6bd6206d75ec49a3d6322031a50d485b150aaab7365fd439ac4e
SHA512

23d238cb2d03484c56a5697cc5ed7fd8c9d28a4db2121dffd258b1bfd7698beb9e70bd249d38df1e5428bc5dacd440b89e751297364ad79d4c876701197a91e4
SSDEEP

3072:7wKXeONCul+is1StW5CN0Ru+DHR0AcVX36dltUjcCqweYnYGZf5yqI2W:EKrBzs1dCOu8H/CHimcCX51yZB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1a397bac1a73c79da4086a5b5e4fe8c_JaffaCakes118

Files

d1a397bac1a73c79da4086a5b5e4fe8c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2b152eeafec8ec625eebfec5c04b02a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

wcslen
_vsnwprintf

shlwapi

StrTrimW
StrDupW
PathBuildRootA
StrFormatKBSizeA
PathSkipRootW

shell32

ord689

kernel32

GlobalDeleteAtom
GetCommState
CallNamedPipeW
SetupComm
FatalAppExitW
GetAtomNameW
GetThreadPriorityBoost
GetStdHandle
SetVolumeLabelW
CreateEventW
OpenEventW
UnregisterWait
FileTimeToDosDateTime
lstrcpyW
GetCurrentDirectoryW
LoadLibraryW
VirtualQuery
CreatePipe
SetNamedPipeHandleState
GetSystemTimeAdjustment
GetTickCount
WaitForSingleObjectEx
SetFileTime

user32

LockWorkStation
RealChildWindowFromPoint
EnumPropsExA
LookupIconIdFromDirectory
GetDlgItemTextA
GetKeyboardType
RedrawWindow
SetCursorPos
IsCharAlphaNumericW
GetDC
SetRectEmpty
SetParent
FindWindowExA
CreateMDIWindowA
CreateIconFromResourceEx
DialogBoxIndirectParamW
MapDialogRect
PostThreadMessageA
FillRect
DrawIcon
CreateAcceleratorTableW
GetWindowTextLengthA
SetScrollRange
LockWindowUpdate
LoadMenuW
EnumPropsA
PeekMessageW
GetAltTabInfoW
GetWindowRgn
SetMenuContextHelpId
MessageBoxW
MapWindowPoints
UnregisterHotKey
DispatchMessageW
FindWindowW
TranslateMessage
DrawStateA

gdi32

EndDoc
GetObjectA
Rectangle
CopyEnhMetaFileA
SetGraphicsMode
GetBrushOrgEx
GetTextColor
GetTextExtentPointA
CreateBitmapIndirect
GetFontUnicodeRanges
GetMetaRgn
GetOutlineTextMetricsA
AnimatePalette
GetWindowOrgEx
GetLayout
GetBitmapBits
ScaleWindowExtEx

advapi32

CopySid
MapGenericMask
IsValidAcl
GetSidSubAuthority

Exports

Exports

__InvalidateRgn@12
__ValidateRgn@12

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.etext
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.amem
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fntdat
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b152eeafec8ec625eebfec5c04b02a2

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.etext Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 312B

.amem Size: 512B - Virtual size: 64B

.fntdat Size: 4KB - Virtual size: 3KB

.rsrc Size: 127KB - Virtual size: 127KB

.reloc Size: 1024B - Virtual size: 880B

.text
Size: 9KB - Virtual size: 9KB

.etext
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 312B

.amem
Size: 512B - Virtual size: 64B

.fntdat
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 127KB - Virtual size: 127KB

.reloc
Size: 1024B - Virtual size: 880B