d499f3f3b67f473c994b941b20845964_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d499f3f3b67f473c994b941b20845964_JaffaCakes118
Size

140KB
MD5

d499f3f3b67f473c994b941b20845964
SHA1

186e1aea8fa69bcb2320c53525b9cffe5bcd2097
SHA256

791cf5e00636899cab66b25f810778ac38427252aba7ac90c59c22a8da32e3c1
SHA512

aedf79f285ab96ea6fdfa60cc16d0db097d98077cc29519c3def91550c2723e3e65464fc249df5fb8750f740e68e087b08e31bc9dbf41966f74ac06b2325b619
SSDEEP

3072:YfBphDprYzuxIsRIYjscJwlUXY1M5m0wS9lXO4:Ybhh7xVmYwIuUXnxwSHX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d499f3f3b67f473c994b941b20845964_JaffaCakes118

Files

d499f3f3b67f473c994b941b20845964_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b98fffd60ddd481b46898d294ec8a40a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsIconic
GetSysColorBrush
GetParent
PtInRect
GetScrollPos
ShowScrollBar
IsDlgButtonChecked
GetTopWindow
LoadCursorA
UnregisterClassA
GetMenuStringA
IsWindowEnabled
DrawFrameControl
MsgWaitForMultipleObjects
FillRect
WaitMessage
GetSysColor
InflateRect
GetCursor
CharLowerBuffA
SetMenu
GetMenu
GetIconInfo
OpenClipboard
IsWindow
UnhookWindowsHookEx
GetMenuItemCount
GetForegroundWindow
AdjustWindowRectEx
SetFocus
DestroyMenu
PostMessageA
GetDCEx
CharUpperA
IntersectRect
EnableWindow
EnumChildWindows
GetWindowLongW
ShowWindow
GetDlgItem
ReleaseDC
BeginPaint
MapWindowPoints
TrackPopupMenu
InsertMenuA
GetPropA
PostQuitMessage
CreateWindowExA
EnableMenuItem
ScreenToClient
GetMenuState
RegisterClassA
IsChild
ShowOwnedPopups
GetWindowTextA
IsCharLowerA
LoadStringA
UpdateWindow
GetClassNameA
PeekMessageW
GetMessagePos
DispatchMessageA
SetRect
DrawAnimatedRects
GetClientRect
EmptyClipboard
PeekMessageA
ClientToScreen
EndPaint
GetWindowRect
LoadKeyboardLayoutA
InvalidateRect

gdi32

GetTextColor
GetPixel

shell32

SHGetDiskFreeSpaceA
Shell_NotifyIconW
SHGetSpecialFolderLocation

kernel32

GetLastError
VirtualAllocEx
GetCommandLineA
GetOEMCP
GetModuleHandleA
ExitProcess
GetProcAddress
GetProcessHeap
lstrlenA
GetModuleFileNameA

Exports

Exports

_rEvQHgBEHX7y
01WlHBL_zdwO@4
_iabKmml@4
22xCqLPhHz0_iu@8
_ulOmRm2dDgq@12
HaETFEkdqea
ZFqfbQ1Oe@16
_JoMVkcDG
_njEUJCgN9LPHC@8
_9fKrWieNcEEAe@8
_Q2fsx
7EpO7ckO@8
XwpJfg1Z2n3WQu@4
zZtcsEDqVcHX2C@16
_lC40ClEt8tBHg
_0Axxz50dF
_4CYEiAmd@4
EtZq1@4

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b98fffd60ddd481b46898d294ec8a40a

Headers

File Characteristics

Imports

user32

gdi32

shell32

kernel32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 117KB - Virtual size: 216KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 117KB - Virtual size: 216KB

.rsrc
Size: 4KB - Virtual size: 4KB