264fa0626e7c70b90f3bfb7918d21789_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

264fa0626e7c70b90f3bfb7918d21789_JaffaCakes118
Size

220KB
MD5

264fa0626e7c70b90f3bfb7918d21789
SHA1

c3a5439149091cd0a3c62d554762251655ac9c4f
SHA256

f5a119e955a9d4e3fecc0b3158b57f01c37302413df7cd9d648b91a3edab1ce7
SHA512

efbfaf7b0eae74e7b3fccbda17ede9475e0a31d2ba1e345e7ecb2c764d998d625162d3d558250a60c40e33127a0e774f7874fab0baad0016f1a64b01f70a5d27
SSDEEP

3072:f5XScTP7DtVsdoovYtDxlQX2dk5TZcpEg3FD4kesjK/fDphrR:ZScTtWgtDxlgypj1MBfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
264fa0626e7c70b90f3bfb7918d21789_JaffaCakes118

Files

264fa0626e7c70b90f3bfb7918d21789_JaffaCakes118
.exe windows:4 windows x86 arch:x86

724462adb95575eee65f1d8ee5635481

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardLayoutList
PeekMessageA
CharNextW
SetScrollInfo
RegisterWindowMessageA
SetWindowsHookExA
DestroyIcon
EnableWindow
CharUpperA
FindWindowA
ShowOwnedPopups
EnableMenuItem
SetRect
OpenIcon
AdjustWindowRectEx
DefMDIChildProcA
WindowFromPoint
EndDialog
OemToCharA
DefWindowProcA
GetWindowTextLengthA
DispatchMessageA
GetActiveWindow
EqualRect
SystemParametersInfoA
IsCharLowerA
CallWindowProcA
LoadCursorA
PtInRect
IsDialogMessageW
GetSubMenu
SetClassLongA
GetDlgItem
SetWindowLongW
GetSysColor
CharLowerBuffA
GetClipboardData
GetMessagePos
LoadStringA
SetCursor
GetCapture
CharNextA
OpenClipboard
wsprintfA
GetKeyNameTextA
LoadBitmapA
GetClassLongA
GetKeyboardState
CharLowerA
GetMenuItemInfoA
OffsetRect
GetMenuItemCount
GetMenu
CloseClipboard
ActivateKeyboardLayout
CallNextHookEx
PeekMessageW
GetWindowTextA
EndPaint
PostQuitMessage
GetSystemMenu
GetCursor

version

GetFileVersionInfoA

kernel32

LoadLibraryA
GlobalDeleteAtom
GetDateFormatA
SetEndOfFile
GetSystemDefaultLangID
GetUserDefaultLCID
GetLocalTime
GetThreadLocale
IsBadHugeReadPtr
RaiseException
GetCPInfo
SetEvent
ExitProcess
DeleteFileA
ReadFile
GetOEMCP
LoadResource
GetModuleFileNameA
LocalReAlloc
VirtualAllocEx
HeapDestroy
GetCurrentProcess

gdi32

GetBkColor

Exports

Exports

2E3zPJlo
58StZAHyo_Va

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ffdata
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

724462adb95575eee65f1d8ee5635481

Headers

File Characteristics

Imports

user32

version

kernel32

gdi32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 11KB - Virtual size: 11KB

.ffdata Size: 184KB - Virtual size: 184KB

.data Size: 5KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 96B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 11KB - Virtual size: 11KB

.ffdata
Size: 184KB - Virtual size: 184KB

.data
Size: 5KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 96B

.rsrc
Size: 8KB - Virtual size: 8KB