fea7633a1bad2af43ded12b381c0fef2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fea7633a1bad2af43ded12b381c0fef2_JaffaCakes118
Size

211KB
MD5

fea7633a1bad2af43ded12b381c0fef2
SHA1

f3fe0cdb413fec07f53619839de229f1648e6157
SHA256

dbf29b7b0db57b83d52e5795e1b442e734b74d7ff2702882e75e20d3e3c68075
SHA512

20c8e9fbb599ec544c3b23212cebb233d1db6642623886ef95b668ab9b1b10f2da7162035ab29135905ce08847a6f0dacd53b8b13dfbff882a07d334086a305b
SSDEEP

3072:o+S2a/1HJSKViDBT31VMxr1ZsqmZMZDrwyc73bJgKC+i223rIBu0xh5Py8WnqUrH:o1/CvDt31+r4ZgD/i2P0wChNN/uH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fea7633a1bad2af43ded12b381c0fef2_JaffaCakes118

Files

fea7633a1bad2af43ded12b381c0fef2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20f6486dc989113e408c731c02da6a4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyCursor
DestroyMenu
DialogBoxParamA
FindWindowA
GetClientRect
IsWindow
IsZoomed
ReleaseCapture
SetCapture
SetForegroundWindow
TrackPopupMenu
UpdateWindow

gdi32

CreateCompatibleDC
CreateDCA
CreateHatchBrush
CreateRectRgnIndirect
DeleteMetaFile
EndPage
EndPath
Escape
GetBkMode
GetNearestPaletteIndex
GetPaletteEntries
GetROP2
GetStockObject
GetTextExtentPoint32W
GetWindowOrgEx
IntersectClipRect
RestoreDC
SetArcDirection
SetBkMode
SetDIBitsToDevice
SetPolyFillMode
SetROP2
StartDocA
StrokePath
UnrealizeObject

comctl32

ImageList_Add
ImageList_AddMasked
ImageList_DrawEx
ImageList_SetDragCursorImage

shell32

DragAcceptFiles
DragQueryFile
DragQueryFileW
ExtractAssociatedIconW
ExtractIconW
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHCreateDirectoryExA
SHFileOperationA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFolderLocation
SHGetFolderPathA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteEx

kernel32

CreateEventA
ExpandEnvironmentStringsA
FindFirstFileA
GetFileSize
GetFileTime
GetOEMCP
GetShortPathNameA
GetVersion
HeapDestroy
MoveFileA
SetCurrentDirectoryA
VirtualQuery

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

82dxixNg
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

20f6486dc989113e408c731c02da6a4d

Headers

File Characteristics

Imports

user32

gdi32

comctl32

shell32

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

82dxixNg Size: 2KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

82dxixNg
Size: 2KB - Virtual size: 120KB