085c2a420a0a9e8ac4ee97402db5b88e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

085c2a420a0a9e8ac4ee97402db5b88e_JaffaCakes118
Size

90KB
MD5

085c2a420a0a9e8ac4ee97402db5b88e
SHA1

3d3fd134def6d546160fed338e55a0c161a9afec
SHA256

d9f6fc4bd19f1b8cfddb2c3f50baf3bff104be433cc0bc375799d9cc535efbe6
SHA512

324dc4b763f8378a4d929273d63a05f8635813c5186d698d36c80afb1db5ade4c281f74a64e8ac68c350e8fe025f916ce09bb5342e4397a7a9953f602bbf0730
SSDEEP

1536:Vu51fOpB1dbiaIT2r3Edo5OphO10LGnLPY4nv1:VuXqHZlYdEO3O1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
085c2a420a0a9e8ac4ee97402db5b88e_JaffaCakes118

Files

085c2a420a0a9e8ac4ee97402db5b88e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5be50d8e9b42d791e4c1d4fe31391a8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
SHGetDesktopFolder

kernel32

HeapDestroy
lstrcpyA
Sleep
GetCurrentThreadId
GetDateFormatA
GetACP
lstrlenA
LoadLibraryExA
GetStringTypeA
CreateFileA
GetCurrentProcess
GlobalDeleteAtom
GetLastError
GetProcessHeap
GetOEMCP
GlobalAlloc
GetVersionExA
ExitProcess
GetCurrentProcessId
GetCommandLineA
ResetEvent
WideCharToMultiByte
GetProcAddress
CloseHandle
SetFilePointer
GetFullPathNameA
FormatMessageA
lstrcmpA
LocalReAlloc
lstrcpynA
GetCurrentThread
VirtualAlloc
LocalAlloc

user32

GetLastActivePopup
ShowWindow
GetActiveWindow
SetTimer
GetClipboardData
GetKeyState
BeginPaint
IsWindowEnabled
BeginDeferWindowPos
GetCursor
GetDCEx
GetMenu
EnumWindows
EnableWindow
CreateMenu
GetForegroundWindow
CheckMenuItem
FillRect
DrawEdge
GetCursorPos
EndPaint
GetMenuState
IsChild
GetWindow
GetFocus
CharToOemA
GetSubMenu
GetClassLongA
EnumChildWindows
SystemParametersInfoA
IsWindowVisible
GetCapture

Sections

CODE
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 209B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5be50d8e9b42d791e4c1d4fe31391a8a

Headers

File Characteristics

Imports

shell32

kernel32

user32

Sections

CODE Size: 8KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 28KB

.edata Size: 68KB - Virtual size: 67KB

BSS Size: 7KB - Virtual size: 6KB

.bss Size: 512B - Virtual size: 209B

.rsrc Size: 1024B - Virtual size: 571B

CODE
Size: 8KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 28KB

.edata
Size: 68KB - Virtual size: 67KB

BSS
Size: 7KB - Virtual size: 6KB

.bss
Size: 512B - Virtual size: 209B

.rsrc
Size: 1024B - Virtual size: 571B