07aeb887434c4e4309480b407e0bc2df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07aeb887434c4e4309480b407e0bc2df_JaffaCakes118
Size

75KB
MD5

07aeb887434c4e4309480b407e0bc2df
SHA1

c4e5db94c7d41363cf9fe217b0d71b0ae6f62914
SHA256

cdee0c674b56ed8cbaa7e1e450a3e9ad1d560a0ba15d554cb9c6168057018535
SHA512

04ef2d879c967b8ab3b657d257078c570189e6569b8d7250d5d096b777902f099553e40e912cb5cc60ecede4f99239dc7b3f9e8a9fe5d949eb8f3d0226ece5c7
SSDEEP

1536:l/4cMM4BGzC6u4Hw7bxKcyAlbNlC76XJgz0B6EHTVkqxE6ri73yDjWZYezDXHC:KEUyzQccyKb22Xk0B6MVxE6r4CDaDX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07aeb887434c4e4309480b407e0bc2df_JaffaCakes118

Files

07aeb887434c4e4309480b407e0bc2df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a1cdd07762c7c63ca3656203c0e30f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
CreateJobObjectA
CloseHandle
LoadLibraryA
GetOverlappedResult
GetStringTypeExA
VirtualFree
FreeEnvironmentStringsA
TlsAlloc
GetTempFileNameW
GetModuleHandleA
WritePrivateProfileStringW
EnterCriticalSection
FindClose
VirtualAlloc
CopyFileExW
ClearCommError
GetFileAttributesA
GetModuleHandleW
WriteProfileStringW
EnumResourceTypesA
CreateDirectoryA
GetLastError
GetTimeFormatA
DeleteFileA
GetLocalTime
ExitProcess

msvcrt

is_wctype
_strnicmp
memmove
wcsrchr
_unlock
_ftime64
__set_app_type
iscntrl
_read
_creat
_waccess
_mbscat
memset
_stat
iscntrl
__initenv
_beep
_chdir
_Gettnames
_ungetch
memcpy
iswctype

gdi32

GetNearestColor
GetRgnBox
GetTextExtentExPointW
SetRectRgn
SetViewportExtEx
EqualRgn
MoveToEx
CreateSolidBrush
GetTextMetricsW
GetPixel
ExtCreatePen
GetDeviceCaps
SetDIBits
SetDIBitsToDevice
SelectObject

user32

LoadAcceleratorsA
IsClipboardFormatAvailable
AppendMenuW
GetNextDlgTabItem
DrawTextW
LoadImageW
CreatePopupMenu
IsDlgButtonChecked
GetMenu
EnumChildWindows
GetDC

winmm

waveOutGetErrorTextW
mciSendCommandW
mmioFlush
timeBeginPeriod
midiInMessage
joySetThreshold

Exports

Exports

PjkzrmiOfwtmbyXpwhqcx
Sjocl
WgWblrugcVzbrGtelLsb
ItidqWpbgvcd

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a1cdd07762c7c63ca3656203c0e30f4

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

winmm

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 17KB - Virtual size: 16KB

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 52B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 52B