112bd1ab1c938ce6a9eb807e1eb19516_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

112bd1ab1c938ce6a9eb807e1eb19516_JaffaCakes118
Size

179KB
MD5

112bd1ab1c938ce6a9eb807e1eb19516
SHA1

21e21daca121d0f518e9edfac4d0e145a4bc0eca
SHA256

5dbd5a0e36dff9a61f2444ff3aabd7bb1c275f2aa48ad793ed9407f83bb73b3d
SHA512

d8b16326330e9fae35b513751b47aa96511bfac28bde9d1703334e4bc81452a82f85c02c45316204cf1ba3575703fe8cae0fe3b9c923bc3f33c648991c079099
SSDEEP

3072:6JIRH8MiDKlghdTeDco1Hxbu30/BLEypsLS88:MsH8MirTeVN/tEyps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
112bd1ab1c938ce6a9eb807e1eb19516_JaffaCakes118

Files

112bd1ab1c938ce6a9eb807e1eb19516_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1dd5d48c59d6b907bd24e3d42a70b7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryExA
FindFirstFileA
lstrcmpA
GetACP
GetStdHandle
LocalAlloc
ExitProcess
LoadResource
LoadLibraryA
GetStringTypeA
ExitThread
CloseHandle
GetModuleHandleA
GetVersionExA
GetCPInfo
VirtualAllocEx

user32

IsWindowUnicode
LoadKeyboardLayoutA
IsDialogMessageW
SetClipboardData
ReleaseCapture
DrawIcon
GetSysColorBrush
GetWindowLongA
IsIconic
MapWindowPoints
SetParent
LoadCursorA
GetIconInfo
IsWindow
GetCursorPos
ScrollWindow
InsertMenuItemA
UnregisterClassA
DrawTextA
CreateIcon
RegisterClipboardFormatA
OemToCharA
GetActiveWindow
GetMenuState
GetClassNameA
CharNextW
MsgWaitForMultipleObjects
TrackPopupMenu
GetKeyboardLayout
LoadStringA
ChildWindowFromPoint
KillTimer
GetKeyState
DestroyWindow
CreatePopupMenu
CallNextHookEx
GetKeyboardType
RemovePropA
EndPaint
GetClassLongA
GetCursor
EnableWindow
LoadIconA
SetClassLongA
TranslateMessage
WindowFromPoint
FillRect
InvalidateRect
EnableMenuItem
GetDCEx
SetForegroundWindow
InsertMenuA
IsZoomed
IsRectEmpty
CloseClipboard
RegisterClassA
GetScrollRange
GetKeyNameTextA
GetSubMenu
GetDC
IsChild
FrameRect
GetSysColor
GetKeyboardLayoutNameA
GetMenuItemID
CharUpperBuffA
DestroyIcon
ClientToScreen
TranslateMDISysAccel
PeekMessageA
CharLowerA
GetClientRect
ReleaseDC
ShowOwnedPopups
GetDlgItem
GetWindowLongW
RedrawWindow
SetScrollPos
GetWindowPlacement
EqualRect
GetMessagePos
ShowWindow
GetForegroundWindow
EnableScrollBar
SetScrollInfo
DefFrameProcA
wsprintfA
WaitMessage
AdjustWindowRectEx
GetMenuStringA
GetClipboardData
PostQuitMessage
SetWindowPos
CharNextA
IntersectRect
MessageBoxA
IsWindowEnabled
DrawEdge
CreateWindowExA
GetScrollInfo
GetClassInfoA
GetKeyboardState
IsDialogMessageA
EnumWindows
SetWindowsHookExA
GetSystemMenu
SendMessageA
GetWindow
DefMDIChildProcA
SetScrollRange
SetCursor
SendMessageW
GetKeyboardLayoutList
CharLowerBuffA
DrawAnimatedRects
GetDesktopWindow
GetWindowThreadProcessId
SetWindowPlacement
GetWindowTextA
GetScrollPos
GetLastActivePopup
GetFocus
GetWindowRect
DeleteMenu

ole32

CoRevokeClassObject

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1dd5d48c59d6b907bd24e3d42a70b7c

Headers

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 130KB - Virtual size: 237KB

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 130KB - Virtual size: 237KB

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 10KB