0e51247223440d9d775aa2d77339830e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e51247223440d9d775aa2d77339830e_JaffaCakes118
Size

165KB
MD5

0e51247223440d9d775aa2d77339830e
SHA1

097945c5fa65b3a6694d5d9b3f8f67e5107d1948
SHA256

db93bee0f45729b780ef5ff73a766f285ac4cca962dd3f5df2dac16d24bec26e
SHA512

93b955102992e1ebc69f62898909a330c36c5986b57251c6580d1a6528c3c1e699afd25137fd5c2ff633f51dfa3df6e82dc99435995d571f0f49121d495437c0
SSDEEP

3072:zGOITayGpatvn3yxFF+U8pneeH+zOr25ifNK6S7:FIVtP3EFMU8w4+zy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e51247223440d9d775aa2d77339830e_JaffaCakes118

Files

0e51247223440d9d775aa2d77339830e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61c70012e988bbd1e20b3b4f476fe02f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

LineTo
GetClipBox
CreatePenIndirect
GetPaletteEntries
SetBkMode

user32

MessageBeep
CloseClipboard
DrawAnimatedRects
IsDialogMessageA
ChildWindowFromPoint
IsIconic
IsRectEmpty
SetScrollRange
DispatchMessageW
GetSystemMetrics
BeginPaint
IntersectRect
GetScrollInfo
DrawIcon
PostMessageA
ScrollWindow
SetCursor
GetCursorPos
OffsetRect
GetActiveWindow
DestroyMenu
CreateMenu
SetWindowLongA
SetMenuItemInfoA
DestroyWindow
GetDCEx
GetForegroundWindow
MapWindowPoints

comdlg32

FindTextA
GetFileTitleA

oleaut32

OleLoadPicture
SafeArrayUnaccessData
VariantChangeType
RegisterTypeLib

shell32

SHGetDesktopFolder
SHFileOperationA
DragQueryFileA
Shell_NotifyIconA

kernel32

SetHandleCount
VirtualFree
GetCommandLineA
GetProcAddress
ExitProcess
GetSystemDefaultLangID
lstrlenA
GetFullPathNameA
ResetEvent
ReadFile
GetCurrentProcess
VirtualAllocEx
GetModuleHandleA
LoadLibraryA
ExitThread

advapi32

RegCreateKeyExA
GetUserNameA
RegOpenKeyA

ole32

CreateStreamOnHGlobal
CoCreateGuid
ReleaseStgMedium
OleRun
CoReleaseMarshalData
CLSIDFromProgID
CoGetContextToken
CreateBindCtx

version

GetFileVersionInfoSizeA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 134KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61c70012e988bbd1e20b3b4f476fe02f

Headers

File Characteristics

Imports

gdi32

user32

comdlg32

oleaut32

shell32

kernel32

advapi32

ole32

version

Sections

.text Size: 15KB - Virtual size: 15KB

.idata Size: 134KB - Virtual size: 225KB

.edata Size: 3KB - Virtual size: 2KB

.tls Size: 2KB - Virtual size: 2KB

.rdata Size: 9KB - Virtual size: 9KB

.text
Size: 15KB - Virtual size: 15KB

.idata
Size: 134KB - Virtual size: 225KB

.edata
Size: 3KB - Virtual size: 2KB

.tls
Size: 2KB - Virtual size: 2KB

.rdata
Size: 9KB - Virtual size: 9KB