eac208eaaeade3d7b93abf20e490c070_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eac208eaaeade3d7b93abf20e490c070_JaffaCakes118
Size

131KB
MD5

eac208eaaeade3d7b93abf20e490c070
SHA1

661c2227fd98d07cb313491918e96696bc3ef1ed
SHA256

47ff5712479094b9b0f56f8355c79f68e6c1cf0a73df81941ba4e15d7869615a
SHA512

db699e4154e38de1cd29a7a5986ca17cb1e246075c5b76bcc50e762cc6ef089d7e45141d808ed79887ef3f1b76c73ba5231a1c41862f24180dc9019590c9f6ac
SSDEEP

1536:XR6JlmvbgqIKrHkgtuf3O7nGgarSgRwvvwLm8NJLFAKJMV5Vy6KKUKw0Fdnu4w6v:XR6Jk/Ef3OCgaqvYLm8PHRPKUzTksyZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eac208eaaeade3d7b93abf20e490c070_JaffaCakes118

Files

eac208eaaeade3d7b93abf20e490c070_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a92057803435db774fb1fab2484ca34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenIcon
GetWindowDC
SetMenu
wsprintfA
SetFocus
OffsetRect
DrawTextA
UnregisterClassA
DrawIcon
EnableWindow
GetKeyboardLayoutNameA
GetMenu
GetKeyboardState
ChildWindowFromPoint
GetWindow
GetClassNameA
DefWindowProcA
RemoveMenu
EnumWindows
IsCharUpperA
GetSystemMenu
DrawMenuBar
FrameRect
SetForegroundWindow
GetMessagePos
GetDC
GetIconInfo
DestroyCursor
GetKeyState
SetParent
DestroyIcon
EnumChildWindows
UpdateWindow
MapWindowPoints
SetClassLongA
WaitMessage
GetActiveWindow
GetSystemMetrics
SendMessageA
IsDialogMessageA
IsWindow
DestroyWindow
EnumThreadWindows
GetKeyNameTextA
AdjustWindowRectEx
SetClipboardData
GetParent
RegisterClipboardFormatA
GetForegroundWindow
KillTimer
IsMenu
CharNextA
PtInRect
PostQuitMessage
MoveWindow
UnhookWindowsHookEx
ActivateKeyboardLayout
SetWindowPos
FindWindowA
SetActiveWindow
SetCursor
SetWindowLongA

comctl32

ImageList_Write
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_Add
ImageList_DrawEx
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_Read

kernel32

lstrcpynA
GetTickCount
LoadLibraryA
EnumCalendarInfoA
FindResourceA
GetThreadLocale
GetFileType
ExitThread
ExitProcess
GetCurrentProcess
GlobalAlloc
LocalReAlloc
ResetEvent
GetDateFormatA
DeleteCriticalSection
SizeofResource
EnterCriticalSection
MoveFileA
Sleep
DeleteFileA
VirtualAllocEx
GetStringTypeA

Exports

Exports

RZFxKWdICTH9
_uMXeXtUB@12
WdGbnJQkRFnFP
YIMGDbMCEM5
RPatbR_xcTH
_YGMciPNlWy@16
eiJyRiLg8IwY4
__RGQ_gyodgKNH
_UgwYHzoW7t@4
c9K7CD8d
_Hidhi9w7
_e1q1WTW2u@4

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 104KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a92057803435db774fb1fab2484ca34

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 11KB - Virtual size: 10KB

.bss Size: 104KB - Virtual size: 240KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 11KB - Virtual size: 10KB

.bss
Size: 104KB - Virtual size: 240KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB