17e987958c820b42f83ba72ba42b33ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17e987958c820b42f83ba72ba42b33ec_JaffaCakes118
Size

17KB
MD5

17e987958c820b42f83ba72ba42b33ec
SHA1

2a04bd56fee018a383b98041e8f41501fe182351
SHA256

ae53f13b5f7ccc57a33f71a6b558c736f23b7df6d6e993eb1a8dd5ee7f0ff4d6
SHA512

23c5cc2009e9cabba70bc7e31e7650bc9c5defa7cdd0efc403748b9688f591faee79d59cc6a62c2d061c3f18360bb9e110ff72162fe5dbe8a1ecb24dbb01fb9a
SSDEEP

384:34EGsKfdATjJDdXiofFEbdUubh0dzUoBZNt1p5S3R/q+e:30yjJpioNEb9+lB5fgR/q+e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17e987958c820b42f83ba72ba42b33ec_JaffaCakes118

Files

17e987958c820b42f83ba72ba42b33ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9aaca65ed408828fabc1d103b6ad6d34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadKeyboardLayoutA
GetSysColor
DefWindowProcA
SendMessageA
EmptyClipboard
RemovePropA
RegisterClassA
IsDlgButtonChecked
GetMenu
GetDlgItem
GetWindowTextA
IsCharLowerA
ShowWindow
EqualRect
InsertMenuA
CharNextA
MapVirtualKeyA
OpenClipboard
GetWindowRect
GetWindow
GetWindowLongA
SetWindowPos
RegisterClipboardFormatA
GetWindowPlacement
KillTimer
IsWindow
SetScrollInfo
PtInRect
DrawMenuBar
GetDC
GetFocus
GetWindowThreadProcessId
GetCursor
GetKeyboardType
OpenIcon
DrawAnimatedRects
LoadIconA
ShowScrollBar
SetScrollRange
SetMenuItemInfoA
SetWindowTextA
SetClipboardData
GetScrollInfo
DefFrameProcA
GetMenuState
CheckMenuItem
DestroyWindow
CreateIcon
GetMenuStringA
GetClassInfoA
GetPropA
DestroyCursor
OemToCharA
InflateRect
IsChild
GetDesktopWindow
GetParent
EnumChildWindows
PeekMessageW
SendMessageW
GetMenuItemCount
GetDCEx
GetActiveWindow

ole32

CoUnmarshalInterface

kernel32

CreateFileA
LoadLibraryA
SetLastError
LocalReAlloc
CreateThread
HeapDestroy
GetLastError
GetStartupInfoA
lstrcmpA
VirtualAlloc
HeapAlloc
lstrcatA
GetCommandLineA
SizeofResource
GetOEMCP
FreeLibrary
ReadFile
GetTickCount
lstrlenA
SetErrorMode
SetThreadLocale
GetStdHandle
FormatMessageA
GetThreadLocale
RaiseException
GetFullPathNameA
GetVersion
EnterCriticalSection
MoveFileA
FindFirstFileA
SetEvent
CloseHandle
GlobalAddAtomA
GetLocalTime
InitializeCriticalSection
SetEndOfFile
FreeResource
GetProcAddress
WideCharToMultiByte
lstrcpynA
CreateEventA
FindResourceA
CompareStringA
GetStringTypeW
GetCurrentProcessId
WriteFile
SetFilePointer
IsBadReadPtr
GetLocaleInfoA
GetSystemDefaultLangID
LocalAlloc
GetFileSize
GetCurrentThreadId
ExitProcess
IsBadHugeReadPtr
MoveFileExA
VirtualQuery
GetFileAttributesA
GetCurrentThread
GetTempPathA
VirtualFree
GetCurrentProcess
ResetEvent
GlobalDeleteAtom

gdi32

CreateFontIndirectA
CreatePalette
GetPaletteEntries
SelectPalette
SaveDC
GetDCOrgEx
CreateBitmap
CreateCompatibleDC
GetDIBits
BitBlt

Exports

Exports

xkB2jHEtmHnN@16

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aaca65ed408828fabc1d103b6ad6d34

Headers

File Characteristics

Imports

user32

ole32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 49KB - Virtual size: 88KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 49KB - Virtual size: 88KB

.rsrc
Size: 2KB - Virtual size: 1KB