eb79a948c9ac8d0c0e0ffe0c91c2cfa9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb79a948c9ac8d0c0e0ffe0c91c2cfa9_JaffaCakes118
Size

75KB
MD5

eb79a948c9ac8d0c0e0ffe0c91c2cfa9
SHA1

41193d49b513d55a5d5716eb4c1007003694a25c
SHA256

522f401c5e58dd4a053d717ab5d2b277f1a56e066efc9278f65f294707849de7
SHA512

8c65a9fee2e62c9b2172877263c2678c3e8ba5c1e98991582399046189953c5d7dcd5d214a2c9dcf23ed6f6a80b8dcb8dac7e8627fb49581d6b8edfd9336ab37
SSDEEP

1536:PBgVp/YcrEfWHLWjd0Alcz2CHGkO7zyj8y2mU+RPJqUh:PBgVpjLAlcKlzPyjFUAPZh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb79a948c9ac8d0c0e0ffe0c91c2cfa9_JaffaCakes118

Files

eb79a948c9ac8d0c0e0ffe0c91c2cfa9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

959c086a8a160db172e52c3619233413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RemoveMenu
IsWindowVisible
DestroyMenu
GetMenu
CharLowerA
IsMenu
DestroyWindow
IsChild
DrawFrameControl
ChildWindowFromPoint
SendMessageW
GetWindowDC
ScreenToClient
ReleaseDC
GetLastActivePopup
IsDlgButtonChecked
OpenIcon
SetWindowLongW
EnumThreadWindows
GetWindowLongW
DeleteMenu
EnableScrollBar
SetWindowPos
SetClassLongA
GetSubMenu
EndPaint
GetDC
EnumChildWindows
ReleaseCapture
SetPropA
UnhookWindowsHookEx
SetWindowTextA
SetWindowPlacement
EnumWindows
UpdateWindow
RegisterClipboardFormatA
DrawMenuBar
DrawEdge
GetClassNameA
wsprintfA
ShowOwnedPopups
FrameRect
GetMenuStringA
CheckMenuItem
EqualRect
LoadIconA
CreatePopupMenu
GetIconInfo
RegisterWindowMessageA
ShowWindow
GetWindowTextLengthA
CharNextW
MessageBoxA
GetKeyboardLayoutNameA
GetDCEx
LoadCursorA
OffsetRect
MessageBeep
GetKeyboardLayout
GetTopWindow
CreateWindowExA
CallWindowProcA
ShowScrollBar

kernel32

VirtualAllocEx
GetModuleFileNameA
GetLocalTime
GetFullPathNameA
LoadLibraryA
ExitProcess
GetLocaleInfoA

Exports

Exports

_ZkY_tvxIgm@4
pnVBII
Bu7yvfRA1hsG@8
jnWuMB
dzcloHKx@16
n7axaLzaJUk
hUc20XBzeP
GUJQEsv_t
pvP7ogX8nY2

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text

Sharing

General

Malware Config

Signatures

Files

959c086a8a160db172e52c3619233413

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 86KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 86KB

.rsrc
Size: 5KB - Virtual size: 4KB