0e3dc82746860383ff5344d985f2b2cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e3dc82746860383ff5344d985f2b2cd_JaffaCakes118
Size

136KB
MD5

0e3dc82746860383ff5344d985f2b2cd
SHA1

d32b65893bbfcffd6fbf94a482c8bf0f57b691cf
SHA256

8d43d808899ef8e4b0ef582ece0c422efb538dc99d6bfc218258c642762f0515
SHA512

60e79deaf42c87e7afd7d0678439d21ef860bb7803820f4e31bf917d922c06ed518a201b1a20fdf8782d47f4e507e169ebb76933c49a6229db86ec2cf36d81ec
SSDEEP

3072:WemhGjwu66N2Qp6iCrhDlglO5cJnyNbmHsfRKPQj:ShG0u6uxp6fhDeic5yNbmeJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e3dc82746860383ff5344d985f2b2cd_JaffaCakes118

Files

0e3dc82746860383ff5344d985f2b2cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea1cd063c6cd3f58eb743bed4d62c5e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardState
MoveWindow
LoadKeyboardLayoutA
GetSubMenu
IsDialogMessageW
GetScrollInfo
GetKeyState
DestroyMenu
FillRect
GetKeyboardLayout
SendMessageW
DefFrameProcA
ActivateKeyboardLayout
CharNextW
LoadCursorA
DrawAnimatedRects
DestroyIcon
GetWindowThreadProcessId
MessageBeep
GetIconInfo
SetFocus
FindWindowA
PeekMessageA
GetDC
OpenIcon
InsertMenuItemA
GetCapture
GetClassNameA
DispatchMessageW
ChildWindowFromPoint
CheckMenuItem
RegisterClassA
WaitMessage
SetWindowPlacement
GetKeyboardLayoutList
GetDCEx
CreateWindowExA
SetMenuItemInfoA
GetKeyNameTextA
GetKeyboardType
LoadIconA
DestroyCursor
SetMenu
SetScrollPos
IsDialogMessageA
GetCursorPos
GetLastActivePopup
InflateRect
IsCharUpperA
KillTimer
IsWindowVisible
IsMenu
GetFocus
IsChild
IsWindowEnabled
DrawEdge
CharNextA
GetSysColorBrush
IntersectRect
GetMenu
GetTopWindow
GetMenuItemCount
GetPropA
DestroyWindow

version

VerQueryValueA

kernel32

HeapFree
GetDateFormatA
VirtualAllocEx
FreeLibrary
ResetEvent
GetLocaleInfoA
GetFileSize
GlobalFindAtomA
GlobalDeleteAtom
CloseHandle
MoveFileA
GetProcessHeap
GetCurrentThreadId
GetACP
SetErrorMode
GetOEMCP
GetModuleHandleA
GetDiskFreeSpaceA
SetLastError
LoadLibraryA
ExitProcess
VirtualFree
GetLastError
GetModuleFileNameA

Exports

Exports

H1QmD7zPd@20

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 107KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea1cd063c6cd3f58eb743bed4d62c5e5

Headers

File Characteristics

Imports

user32

version

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 11KB

.bss Size: 107KB - Virtual size: 206KB

.idata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 76B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 11KB

.bss
Size: 107KB - Virtual size: 206KB

.idata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 76B

.rsrc
Size: 4KB - Virtual size: 3KB