ef27aa781c0aa40a0345649f345a00ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef27aa781c0aa40a0345649f345a00ba_JaffaCakes118
Size

46KB
MD5

ef27aa781c0aa40a0345649f345a00ba
SHA1

f888311527941ae52e2a12e6d2b56ecc60425491
SHA256

dab0e1b2855d74139f1defb77770cf84a2df759994d0ce460fc541d1fbf72cc6
SHA512

58d372235a010c6215d23b025849a30e0a9c5674d7de2b907cebd49fcda78f83a361b253cc4072a01fb4ffa15d553273b33eced6b561e7460109a27f8ce89af9
SSDEEP

768:tulhawuT9Cx/VfguhKaTowFZKATFka6apn2:tulkHIcYTFka6ap

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef27aa781c0aa40a0345649f345a00ba_JaffaCakes118

Files

ef27aa781c0aa40a0345649f345a00ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

06738398c960c31b01d4a5a5b87de7c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
CreateDirectoryA
lstrlenA
GetCurrentProcess
SetLastError
SetCurrentDirectoryA
LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc
GetWindowsDirectoryA
lstrcatA
lstrcpyA
CopyFileA
GetLastError
FormatMessageA
LocalFree
FindResourceA
LoadResource
LockResource
FreeResource
MultiByteToWideChar
GetCurrentProcessId
lstrcmpiA
lstrcmpA
GetModuleHandleA
GetProcAddress
FreeLibrary
GetVersionExA
GetStartupInfoA

user32

LoadIconA
DrawTextA
MapWindowPoints
CharLowerA
ScreenToClient
GetDesktopWindow
PtInRect
MoveWindow
SetTimer
PostMessageA
KillTimer
IsWindow
LoadCursorA
WindowFromPoint
DefWindowProcA
GetWindowThreadProcessId
GetClientRect
SetWindowLongA
UpdateWindow
GetWindowDC
GetSysColor
InflateRect
ReleaseDC
GetDlgItem
CreateWindowExA
SetWindowPos
RegisterClassExA
GetSystemMetrics
GetMessageA
TranslateMessage
MessageBoxA
DispatchMessageA
ShowWindow
SendMessageA
GetWindowLongA
BeginPaint
GetClassNameA
GetWindowRect
GetSystemMenu
AppendMenuA
ExitWindowsEx
DestroyWindow
EnableWindow
DialogBoxParamA
IsWindowVisible
PostQuitMessage
EndDialog
GetActiveWindow
EnumWindows
GetWindowTextA
GetDlgItemTextA
wsprintfA
SetDlgItemTextA
IsDlgButtonChecked
GetCursorPos
InvalidateRect
GetParent
EndPaint

gdi32

GetPixel
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
TextOutA
SetTextColor
SetPixel
MoveToEx
CreatePen
SetBkMode
CreateFontIndirectA
GetStockObject
GetObjectA
GetTextExtentPoint32A
LineTo
DeleteDC
DeleteObject

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoCreateInstance
CoInitialize

comctl32

PropertySheetA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
atoi
_ftol
__p___argv
strrchr
memset
_controlfp

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06738398c960c31b01d4a5a5b87de7c5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

comctl32

msvcrt

Sections

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 11KB - Virtual size: 11KB

.rsrc Size: 30KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 30KB - Virtual size: 30KB