0171ff9332571d0f7505c8088672e1df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0171ff9332571d0f7505c8088672e1df_JaffaCakes118
Size

148KB
MD5

0171ff9332571d0f7505c8088672e1df
SHA1

cc5df40a531b419886c97700a8c14cc223853550
SHA256

e98b161b5ea7882a18d1c4c149bf7267ed35c08bb4146c927259f43f13fdaecf
SHA512

ae2ccdbe3cf839180cbb10fc6d71690679752614761be0db2e53c89b2fc017044875b392e7ef24b44ca61e0025484f4b074b50c6e4b5987acb10a10767b45f7f
SSDEEP

3072:km29Lqr7Nka1PxXkdVqXXULnoNGGTf+Uc3abEkAa:thrhkOOa0Loh+AEk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0171ff9332571d0f7505c8088672e1df_JaffaCakes118

Files

0171ff9332571d0f7505c8088672e1df_JaffaCakes118
.exe windows:17134 windows x86 arch:x86

7a231bd3713505817ce212a650cc5edb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
GetSystemMetrics
LoadIconW
GetSystemMetrics
DestroyWindow
SetTimer
ShowWindow
DefWindowProcW
LoadStringW
GetWindowRect
PostMessageW
ShowWindow
DestroyWindow
GetWindowRect
PostMessageW
PostMessageW
GetDC
GetDlgItem
DestroyWindow
DestroyWindow
SetSystemMenu
DestroyWindow
DefWindowProcW
DefWindowProcW
SetTimer
GetDC
DestroyWindow
LoadStringW
GetMessageW
DefWindowProcW
PostMessageW
GetDlgItem
SetTimer
GetWindowRect

kernel32

VirtualFree
SetEvent
SetUnhandledExceptionFilter
SetEvent
GetProcessHeap
GetCommandLineW
VirtualFree
lstrcmpiW
FreeLibrary
lstrcmpiW
SetEvent
GetModuleHandleA
VirtualFree
GetCurrentProcessId
GetModuleHandleW
GetModuleHandleA
SetEvent
FreeLibrary
GetModuleHandleA
GetModuleHandleA
GetProcessHeap
GetCommandLineW
VirtualFree
VirtualFree
LocalAlloc
LocalAlloc
GetACP
GetACP
GetCommandLineA
GetACP
GetCommandLineW
VirtualAlloc
MultiByteToWideChar
SetEvent
GetModuleHandleA
GetProcessHeap
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcess

gdi32

GetObjectW
CreateCompatibleBitmap
MoveToEx
GetStockObject
GetObjectW
GetTextMetricsW
TextOutW
PatBlt
SelectObject
TextOutW
SetTextColor
TextOutW
BitBlt
LineTo
GetObjectW
CreateCompatibleDC
PatBlt
GetTextMetricsW
SelectObject
GetDeviceCaps
LineTo
GetDeviceCaps
MoveToEx
SetBkColor
PatBlt
PatBlt
ExtTextOutW
PatBlt
BitBlt
MoveToEx
ExtTextOutW
CreateCompatibleDC
SetTextColor
TextOutW
DeleteObject
SetBkMode
SetBkMode
GetDeviceCaps
ExtTextOutW

Exports

Exports

vzNcIT
aEaNgJjJq
QnfKU
BACRJEGS
VxsPCXm
ZBfadZFOXT
RDHVtKCFi
hfgDT
xJIvI

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a231bd3713505817ce212a650cc5edb

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 64KB

.mdata Size: 117KB - Virtual size: 120KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 64KB

.mdata
Size: 117KB - Virtual size: 120KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 4KB