df6ebcc8dcbe903182d4475a16507114_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

df6ebcc8dcbe903182d4475a16507114_JaffaCakes118
Size

85KB
MD5

df6ebcc8dcbe903182d4475a16507114
SHA1

b4a141ea0f2bc9eef207bbdb92dca814b65f92ee
SHA256

f0be67e29ec74fac472b5d7e8918d34359a10d5875d03e7bf73cce63f5e23986
SHA512

aee1fb6651394d4910ea2fe262f9820e79d3dec47a68e86248df681d825ebd420b08ab93afd8830006885f367e3f645a326a8c2def35d92bcc8638c0a089c64d
SSDEEP

1536:tHbCPIjbnYMtTgsmcSTRZBPtNK3QaFJ8E:tHbCP2YYZ3SBPA1f8E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df6ebcc8dcbe903182d4475a16507114_JaffaCakes118

Files

df6ebcc8dcbe903182d4475a16507114_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9affb6c919304cb49c7370f4e5cb0fe9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayGetElement
VariantChangeType
SafeArrayCreate
SysFreeString
SysReAllocStringLen
SafeArrayUnaccessData
GetErrorInfo
OleLoadPicture
SysAllocStringLen

user32

GetParent
SetCapture
CharLowerA
ShowScrollBar
DrawIconEx
GetLastActivePopup
SetClassLongA
GetKeyboardLayoutNameA
DefFrameProcA
DefMDIChildProcA
SetScrollPos
GetWindowDC
CheckMenuItem
ShowWindow
SetParent
GetCursor
GetKeyboardType
RegisterWindowMessageA
GetSysColorBrush
DestroyCursor
MapWindowPoints
CreateIcon
GetKeyboardLayout
GetKeyState
SetWindowLongA
EmptyClipboard
SetForegroundWindow
CreatePopupMenu
IsCharUpperA
GetScrollInfo
EndPaint
SetFocus
FindWindowA
IsWindowUnicode
SetTimer
GetScrollPos
IsDialogMessageA
GetClassLongA
GetSystemMenu
IsWindowEnabled
GetKeyboardLayoutList
InflateRect
LoadBitmapA
GetMenu
ReleaseCapture
SetMenuItemInfoA
SetScrollRange
WindowFromPoint
SetActiveWindow
CharLowerBuffA
RegisterClassA
MapVirtualKeyA
PostMessageA
OpenIcon
GetWindow
GetScrollRange
GetPropA
IntersectRect
DispatchMessageA
TranslateMDISysAccel
GetFocus
MessageBoxA
DispatchMessageW
IsDialogMessageW

kernel32

ExitProcess
FindClose
LoadLibraryA
GetLastError
VirtualAllocEx
GetFullPathNameA
WriteFile
GetACP
LocalFree
LocalAlloc
FreeLibrary
GetFileAttributesA
GetFileType
SetErrorMode
SizeofResource
GetVersionExA
WideCharToMultiByte
ExitThread
GetModuleHandleA
EnumCalendarInfoA
lstrcatA
VirtualQuery

Exports

Exports

_aOGpcUPiq7Ds9Q@20
MW_bCwD

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9affb6c919304cb49c7370f4e5cb0fe9

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 13KB - Virtual size: 12KB

.adata Size: 49KB - Virtual size: 48KB

.edata Size: 2KB - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 13KB - Virtual size: 12KB

.adata
Size: 49KB - Virtual size: 48KB

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 8KB