e239af4b89490cdd014893a05ce5f6e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e239af4b89490cdd014893a05ce5f6e1_JaffaCakes118
Size

117KB
MD5

e239af4b89490cdd014893a05ce5f6e1
SHA1

84f65bcadb72dc6a98f9f86ef03559ca524749f0
SHA256

c0cd064fc673a5a85f6d7fa6749dc717dc315b867d70bfedba10dfddf04d6d18
SHA512

ccb73f4e9724eb05441974392e47fe37387c45f53bdc5f2d5d69d96ba45e2024962033ac3ef61f6ffd80f20ad446d0bcc5385212ed64e8dd3e4436f8b5c9b976
SSDEEP

3072:8aiHPfYwn4YGlxyUku2A0F+5qKGZjt7tCx3zTPzQg3qq:LiownV4yVA0Fj5t7Yx3PsQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e239af4b89490cdd014893a05ce5f6e1_JaffaCakes118

Files

e239af4b89490cdd014893a05ce5f6e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea45b1523ef9fa357a5409576cfb01cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryA
SHSetValueA
SHQueryInfoKeyA
SHGetValueA
SHStrDupA
SHDeleteValueA

user32

SendMessageA
LoadCursorA
SetFocus
GetDC
GetCursor
GetWindowTextLengthA
InsertMenuA
GetPropA
CharUpperA
GetWindowThreadProcessId
CloseClipboard
SetForegroundWindow
MapVirtualKeyA
FindWindowA
GetMenu
ClientToScreen
GetMenuState
SetParent
GetClassInfoA
GetActiveWindow
DrawMenuBar
SetWindowsHookExA
GetKeyboardState
GetSystemMenu
ScreenToClient
DefMDIChildProcA
CreateWindowExA
SetClassLongA
CharNextA
RedrawWindow
WaitMessage
GetClassLongA
GetWindowPlacement
GetScrollPos
PostMessageA
SetMenuItemInfoA
GetParent
IsDlgButtonChecked
CharLowerA
GetTopWindow
DrawFrameControl
DrawIcon
LoadIconA
RemoveMenu
SetMenu
IsRectEmpty
GetMenuItemCount
LoadKeyboardLayoutA
EmptyClipboard
GetKeyNameTextA
SetWindowPos
PeekMessageA
CharToOemA
ChildWindowFromPoint
GetIconInfo
ReleaseDC
SetCursor
ActivateKeyboardLayout
IsWindowUnicode
GetMenuStringA
GetScrollRange
GetSysColor
DestroyWindow

kernel32

GetCPInfo
CreateFileA
GetDiskFreeSpaceA
LocalFree
GetStringTypeW
GlobalAlloc
lstrcpynA
HeapFree
LocalReAlloc
GetACP
WideCharToMultiByte
GetSystemDefaultLangID
SetErrorMode
SetLastError
SetEndOfFile
GetTickCount
GetDateFormatA
GetModuleFileNameA
VirtualAlloc
SetFilePointer
GetLastError
GetTempPathA
EnterCriticalSection
HeapAlloc
lstrcmpiA
SetEvent
MulDiv
GlobalAddAtomA
SizeofResource
GetOEMCP
LoadLibraryExA
GetFileType
LocalAlloc
FindResourceA
GetFullPathNameA
LoadLibraryA
MoveFileExA
ResetEvent
ReadFile
GetEnvironmentStrings
GetCommandLineW
HeapDestroy
WaitForSingleObject
GetStringTypeA
GetVersionExA
SetHandleCount
lstrlenA
IsBadHugeReadPtr
Sleep
CompareStringA
GetLocaleInfoA
GetCurrentProcessId
CreateThread
GetFileSize
EnumCalendarInfoA
GetVersion
lstrcmpA
GetCurrentThreadId
VirtualFree
MoveFileA
CloseHandle
GetCommandLineA

gdi32

GetDIBColorTable
GetDCOrgEx

Exports

Exports

S__Ry@4

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea45b1523ef9fa357a5409576cfb01cb

Headers

File Characteristics

Imports

shlwapi

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 98KB - Virtual size: 230KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 98KB - Virtual size: 230KB

.rsrc
Size: 2KB - Virtual size: 1KB