d33a22e239ec441bad886f3ad09a3231_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d33a22e239ec441bad886f3ad09a3231_JaffaCakes118
Size

36KB
MD5

d33a22e239ec441bad886f3ad09a3231
SHA1

dbaaf6e2ab3f60c55d426db57744661704ae5421
SHA256

8e08cc2ba6351e39ec66a6a3dad8c22eb05a4eb2e5ab558071c8de36a18ce226
SHA512

8e7abde89cca039fff18e67045de2b74d5fe18e15d7a3191ffeaefb7bde968f44550a062fa099594f47cbb39aef9e046cbfb6ad22580c16cc5bad63b97c6beef
SSDEEP

384:IKutpvHSh8hs82ODhsAcJSkPVac/O90XJL2y3RdYkaPMEdP3yY4OmnJL6AhAtjbq:TutpvHSh3PE+S6L2uYkKMQPiDHUxq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d33a22e239ec441bad886f3ad09a3231_JaffaCakes118

Files

d33a22e239ec441bad886f3ad09a3231_JaffaCakes118
.exe windows:10 windows x86 arch:x86

ae7587153b23f1aacba3cdace0e065b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageW
ShowWindow
SetWindowPos
DefWindowProcW
SetWindowTextW
CreateDialogParamW
ScreenToClient
CreateWindowExW
PtInRect
SendMessageW
ShowWindow
MapWindowPoints
GetWindowRect
GetParent
PostMessageW
DestroyMenu
SetTimer
CallWindowProcW
SendMessageA
SystemParametersInfoW
GetKeyboardState

gdi32

GetTextExtentPoint32W
LineTo
DeleteDC
SetBkMode
GetStockObject
GetTextMetricsW
CreateFontIndirectW
CreateCompatibleDC
StretchBlt
ExtTextOutW
CreateCompatibleDC
SetTextColor
TextOutW
SelectObject
GetObjectW
CreateSolidBrush
SetTextColor
GetObjectW
GetStockObject
SelectObject
BitBlt
CreateFontIndirectW
TextOutW
DeleteObject
ExtTextOutW
CreateFontIndirectW
GetStockObject
GetDeviceCaps
CreateSolidBrush
GetTextExtentPoint32W
SetBkColor
DeleteObject
SetTextColor
PatBlt
MoveToEx
GetObjectW

kernel32

GetACP
GetProcAddress
WaitForSingleObject
GetModuleHandleW
ExitProcess
lstrcpyW
QueryPerformanceCounter
CreateThread
VirtualAllocEx
HeapFree
SleepEx
GetModuleHandleA
VirtualFree
GetACP
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
QueryPerformanceCounter
QueryPerformanceCounter
FormatMessageW
GetCurrentThreadId
FreeLibrary
GetStartupInfoA
GetProcessHeap
GetModuleHandleA
LocalAlloc
SetFilePointer
GetStartupInfoW
GetCommandLineW
Sleep
HeapReAlloc
GetCommandLineA
QueryPerformanceCounter
ExitProcess
WaitForSingleObject
lstrcmpiW
FreeLibrary
TerminateProcess
FormatMessageW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae7587153b23f1aacba3cdace0e065b5

Headers

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB