1422c6bf725197c4532472ad0eaa6819_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1422c6bf725197c4532472ad0eaa6819_JaffaCakes118
Size

143KB
MD5

1422c6bf725197c4532472ad0eaa6819
SHA1

1a453c43a13c474b515a99bf4d72f7f17b24643b
SHA256

837a9edb9f732dd0ec450305836774e2cebec954f42245f9dcefa8a08d267427
SHA512

1d6c90e0e9ef42190c377d7feb2d14786f2ebfad43eca470fee01e047caac06a4871203d6cb43a384b5f75a3abef8b3b8e43a8263945391561adfdc6e6337ebe
SSDEEP

3072:xEYnewE9XrW98WYjL8b7SZYOms3cud1KnIyKP7RJCa:xD6FrWej4buu0cunKIy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1422c6bf725197c4532472ad0eaa6819_JaffaCakes118

Files

1422c6bf725197c4532472ad0eaa6819_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39ba620f2b1676394e9420021575d437

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
EnumChildWindows
DestroyIcon
SetScrollPos
OffsetRect
MessageBoxA
SetTimer
ShowWindow
DefFrameProcA
InflateRect
RemovePropA
GetWindowRect
WindowFromPoint
GetMenu
GetForegroundWindow
GetMenuItemInfoA
WaitMessage
ReleaseDC
GetSystemMenu
CallWindowProcA
GetWindow
DrawEdge
GetWindowLongA
SetWindowsHookExA
wsprintfA
GetActiveWindow
EnableScrollBar
SetCapture
CharUpperBuffA
SetWindowTextA
PeekMessageW
ChildWindowFromPoint
CheckMenuItem
ActivateKeyboardLayout
TranslateMDISysAccel
PeekMessageA
SetScrollInfo
TrackPopupMenu
ScrollWindow
CallNextHookEx
KillTimer
GetWindowDC
RegisterClipboardFormatA
ClientToScreen
SetWindowPos
IsMenu
RedrawWindow
GetWindowTextA
GetScrollPos
IsDialogMessageW
SetMenu
GetPropA
GetDCEx
CharLowerBuffA
ShowScrollBar
SendMessageW
IsWindow
GetClientRect
GetKeyboardState
SetPropA
AdjustWindowRectEx
InsertMenuItemA
LoadBitmapA

kernel32

SetLastError
FormatMessageA
lstrlenA
ExitThread
GetProcessHeap
GetCurrentProcess
GetFileAttributesA
GetTempPathA
GetStringTypeA
SetEvent
GetVersionExA
GetLocaleInfoA
MoveFileA
lstrcmpiA
ExitProcess
LoadLibraryA
lstrcpyA
LoadResource
GetCommandLineA
CreateThread
CreateFileA
GlobalAlloc
LocalReAlloc
DeleteCriticalSection
VirtualAlloc

version

VerInstallFileA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ImageList_Draw
ImageList_Write
ImageList_GetBkColor
ImageList_Create

Exports

Exports

_ywbLx1cBMaMneX@20

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dadata
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39ba620f2b1676394e9420021575d437

Headers

File Characteristics

Imports

user32

kernel32

version

comctl32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 9KB - Virtual size: 97KB

.data Size: 99KB - Virtual size: 98KB

.edata Size: 2KB - Virtual size: 2KB

.dadata Size: 512B - Virtual size: 84B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 9KB - Virtual size: 97KB

.data
Size: 99KB - Virtual size: 98KB

.edata
Size: 2KB - Virtual size: 2KB

.dadata
Size: 512B - Virtual size: 84B

.rsrc
Size: 8KB - Virtual size: 8KB