14ad607aefa88e222b03059f3f9736a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14ad607aefa88e222b03059f3f9736a0_JaffaCakes118
Size

125KB
MD5

14ad607aefa88e222b03059f3f9736a0
SHA1

11829083634543305bb658c6f304cb4cb860029b
SHA256

5e37cf2fde07541cea8a85a20112f7b969d4df7024b635c541afdabcc47611d4
SHA512

ff575d926a56132a4229df5508d8f9c046f0e979a9ecd16f83e0dbbedc0dd58db37581ba42c54862e39c3f7a9adc97e8409a814a6ef468fea1028d4bd0377b35
SSDEEP

3072:ILlIukbttAOQuIbzh39Hq03sDO//ZwQ50TNHlZXm1O:SuF0SW9H3sS/XurZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14ad607aefa88e222b03059f3f9736a0_JaffaCakes118

Files

14ad607aefa88e222b03059f3f9736a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e17254c56b2a5c89345dc75170bde2f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
ChooseColorA
GetOpenFileNameA

gdi32

CopyEnhMetaFileA
CreateCompatibleBitmap
SaveDC
CreateBrushIndirect
GetPaletteEntries
LineTo
GetCurrentPositionEx
CreatePenIndirect

version

VerFindFileA

shell32

SHGetSpecialFolderLocation

user32

SetMenuItemInfoA
SetWindowLongW
SetCursor
SetFocus
SetScrollRange
SetWindowPlacement
SetClipboardData
SetScrollInfo
SystemParametersInfoA
UnregisterClassA
SetPropA
TrackPopupMenu
TranslateMDISysAccel
ShowWindow
SetWindowTextA
UnhookWindowsHookEx
SetScrollPos
SetCapture
ShowOwnedPopups
SetClassLongA
SetTimer
SetParent
SetMenu
SetWindowsHookExA
ShowScrollBar
TranslateMessage
SetForegroundWindow
SetRect
SetWindowPos
SetWindowLongA

kernel32

GetLastError
VirtualQuery
CompareStringA
CreateEventA
WriteFile
lstrcmpA
GetCommandLineA
GetCPInfo
FreeResource
SetEvent
GetStartupInfoA
GetVersionExA
GetModuleHandleA
VirtualAlloc
MoveFileExA
GetOEMCP
SizeofResource
GetFileType
GetProcAddress
LoadLibraryA
GlobalAddAtomA
GetACP
GetDateFormatA
IsBadReadPtr
MoveFileA
FreeLibrary
GetModuleHandleW
GetTickCount
GetStdHandle
GetCurrentThread
ExitThread
LockResource
GetFileSize
GetDiskFreeSpaceA
LocalAlloc
GetFullPathNameA
SetFilePointer
LoadResource
SetLastError
GetModuleFileNameA
GetThreadLocale
GetCurrentProcess
EnumCalendarInfoA
CloseHandle
GlobalAlloc
WaitForSingleObject
FindResourceA
ResetEvent
CreateFileA
HeapAlloc
GetProcessHeap
LoadLibraryExA
HeapFree
ReadFile
GetEnvironmentStrings
ExitProcess
GetVersion
VirtualAllocEx
lstrlenA
GlobalFindAtomA
IsBadHugeReadPtr
GetUserDefaultLCID

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e17254c56b2a5c89345dc75170bde2f9

Headers

File Characteristics

Imports

comdlg32

gdi32

version

shell32

user32

kernel32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 8KB

.fdata Size: 1KB - Virtual size: 1KB

.ddata Size: 64KB - Virtual size: 63KB

.gdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 884B

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 8KB

.fdata
Size: 1KB - Virtual size: 1KB

.ddata
Size: 64KB - Virtual size: 63KB

.gdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 884B