fa283be39f8e1f0c7db2a307d70ec05c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa283be39f8e1f0c7db2a307d70ec05c_JaffaCakes118
Size

212KB
MD5

fa283be39f8e1f0c7db2a307d70ec05c
SHA1

10c1e6f7f210a6d993c6cc75ff8494354b834c41
SHA256

2cb416fae954f7efe90b79d8370fc7fd717756af7679c23a2a1fd3b1ff2ffa6c
SHA512

10303f63b6b3aa6c6f326d5cb93266dc4834798758992d3feb8b7373105514af0322608fd24661eb67ccc1138e1865159e5641932ae88bcf9100c6c609bdfd55
SSDEEP

3072:T1PsHi3TDR1zq/gPs65HVGscfSIY1XxrLXkGwtY2LjjQ7XBBrxFi:T1Eg1zq/dIGscKIY1XxPUGKXjqXB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa283be39f8e1f0c7db2a307d70ec05c_JaffaCakes118

Files

fa283be39f8e1f0c7db2a307d70ec05c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

961269676a84bbb0c218388aed26909e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DeleteMenu
FindWindowA
FrameRect
GetCursorPos
GetWindowLongA
InvalidateRect
IsWindowEnabled
IsWindowVisible
OemToCharA
ReleaseCapture
SendMessageA
SetScrollPos
SystemParametersInfoA
WinHelpA
wsprintfA

shell32

CommandLineToArgvW
DragFinish
ExtractIconA
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableW
SHAddToRecentDocs
SHChangeNotify
SHCreateDirectoryExA
SHGetDesktopFolder
SHGetFileInfo
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteEx
Shell_NotifyIconA

gdi32

CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectW
CreateFontW
CreateHatchBrush
CreateMetaFileW
Ellipse
EnumEnhMetaFile
GetTextExtentPoint32A
GetTextMetricsW
GetViewportExtEx
SelectClipRgn
SetDIBitsToDevice
SetWinMetaFileBits
StretchBlt

kernel32

CreateProcessW
FindResourceW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
GetExitCodeThread
GetFileAttributesW
GetFileSize
GetFileTime
GetLocaleInfoA
GetOEMCP
GetStartupInfoW
GetStringTypeA
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GlobalHandle
GlobalLock
InterlockedCompareExchange
LocalFree
SetCurrentDirectoryA
SetLastError
Sleep
UnhandledExceptionFilter
VirtualQuery

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

94CU6LOE
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

961269676a84bbb0c218388aed26909e

Headers

File Characteristics

Imports

user32

shell32

gdi32

kernel32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

94CU6LOE Size: 2KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

94CU6LOE
Size: 2KB - Virtual size: 120KB