d99aed2b305a4c5c4fa8945bae1bb80d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d99aed2b305a4c5c4fa8945bae1bb80d_JaffaCakes118
Size

239KB
MD5

d99aed2b305a4c5c4fa8945bae1bb80d
SHA1

0c792af08b240b2c4180ea3960d495b7c9c25d72
SHA256

188dea1c9ecbae39b58ad971f22d7d3a167d8a8a7c875a14fd45f61a5b4da8c7
SHA512

e80968bf78bf8c22f0235fd9b130012563f65735cdee80e95acdf2f9a6c6355b0f3f016d12c88fe0457c0b0dca5898c84df99cd3dbf298de66117f6399e54912
SSDEEP

6144:38rQWSyFiqlT6nbw5+Ebu77Ph4LctYhSwTSe5:38rnxFiqlT6sJbu7Lh4Ic9TSe5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d99aed2b305a4c5c4fa8945bae1bb80d_JaffaCakes118

Files

d99aed2b305a4c5c4fa8945bae1bb80d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e0475d5a33cb366e26c7198a00588e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetContextToken

kernel32

GetModuleHandleW
GetProcAddress
WaitForSingleObject
InitializeCriticalSection
ExitProcess
GetSystemDefaultLangID
lstrlenA
GetEnvironmentStrings
LoadLibraryExA
GetCommandLineA
LocalAlloc
VirtualAlloc
GetModuleHandleA
LoadLibraryA
GetCommandLineW
lstrlenW
CreateFileA

gdi32

SetTextColor
GetObjectA
GetClipBox
CreatePalette
GetCurrentPositionEx
SaveDC
GetPixel
GetDIBits
SelectPalette

advapi32

RegLoadKeyA
RegEnumValueA
RegQueryValueA

shlwapi

SHQueryValueExA

user32

SetMenu
SetWindowLongA
ShowWindow
ShowOwnedPopups
GetPropA
PeekMessageA
SystemParametersInfoA
GetCursorPos
UpdateWindow
PeekMessageW
LoadStringA
SetWindowsHookExA
MoveWindow
DestroyMenu
CharLowerBuffA
GetWindowDC
GetSystemMetrics
EndPaint
DestroyWindow
GetWindowTextA
EmptyClipboard
LoadCursorA
SetClassLongA
ClientToScreen
DrawIcon

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 423B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e0475d5a33cb366e26c7198a00588e8

Headers

File Characteristics

Imports

ole32

kernel32

gdi32

advapi32

shlwapi

user32

Sections

.text Size: 86KB - Virtual size: 85KB

.data Size: 512B - Virtual size: 423B

.rdata Size: 10KB - Virtual size: 10KB

.fdata Size: 130KB - Virtual size: 130KB

.ddata Size: 512B - Virtual size: 269B

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 86KB - Virtual size: 85KB

.data
Size: 512B - Virtual size: 423B

.rdata
Size: 10KB - Virtual size: 10KB

.fdata
Size: 130KB - Virtual size: 130KB

.ddata
Size: 512B - Virtual size: 269B

.rsrc
Size: 10KB - Virtual size: 9KB