28a01b6aa86e3224939b60c38bf7ffb4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28a01b6aa86e3224939b60c38bf7ffb4_JaffaCakes118
Size

175KB
MD5

28a01b6aa86e3224939b60c38bf7ffb4
SHA1

59dceab07b4124e6b440e0712bd2a8781ba573bc
SHA256

e2dfc617d4296a319c1cf9624bd97c8a7f7b0474acaa382349fc84b83949dc01
SHA512

94caa5d06000a48334708aa4e9ad3eb1abc00a894807011a442708939e040518a7b9b3c0cf72846ff6158686bfc913695d2f539c9630b86a7386f0f3648dd7dd
SSDEEP

3072:ngUeQDOjWRN7rKAESPCbmyA/2tJaOuxsOXWvt68PIR9t2wuiR1SdSCXLzjrnsh6V:nPeQqS5rUSiFJaOYsOmV0R9gsRXEXjrs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28a01b6aa86e3224939b60c38bf7ffb4_JaffaCakes118

Files

28a01b6aa86e3224939b60c38bf7ffb4_JaffaCakes118
.exe windows:63728 windows x86 arch:x86

ee7f20919fe537424e84db9074cde574

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegQueryInfoKeyW
RegOpenKeyExW

shell32

ShellExecuteExW
SHGetMalloc
DragQueryFileW
SHGetFileInfoW
DragAcceptFiles
SHGetFolderPathW
SHGetDesktopFolder

gdi32

CreateCompatibleBitmap
MoveToEx
SetBkMode
TextOutW
TextOutW
BitBlt
SetTextColor
SetBkMode
GetObjectW
SetTextColor
SetBkMode
GetStockObject
SetBkMode
LineTo
GetDeviceCaps
DeleteObject
SetBkMode
LineTo
SetTextColor
GetDeviceCaps
GetTextMetricsW

user32

GetSystemMetrics
ReleaseDC
LoadStringW
LoadIconW
GetMessageW
SetTimer
GetDlgItem
GetMessageW
PostMessageW
LoadIconW
CreateWindowExW
SendMessageW
ReleaseDC
GetDC
GetSystemMetrics
LoadIconW
ShowWindow
ShowWindow
GetWindowRect
GetMessageW
GetMessageW
ReleaseDC
GetDC
SetTimer
PostMessageW
GetDlgItem
GetSystemMetrics
DestroyWindow
GetWindowRect
SendMessageW
UpdateLayeredWindow
SendMessageW

kernel32

FreeLibrary
GetCurrentProcess
SetUnhandledExceptionFilter
VirtualFree
GetModuleHandleA
GetCommandLineA
MultiByteToWideChar
QueryPerformanceCounter
LoadLibraryA
GetProcessHeap
QueryPerformanceCounter
GetCommandLineW
GetModuleHandleA
GetCurrentThreadId
VirtualAlloc
GetCurrentThreadId
VirtualFree
LocalFree
GetModuleFileNameA
GetModuleFileNameA
MultiByteToWideChar
MultiByteToWideChar
QueryPerformanceCounter
LocalFree
VirtualAlloc
SetEvent
GetCurrentThreadId
GetProcessHeap
GetCurrentProcess
GetACP

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee7f20919fe537424e84db9074cde574

Headers

File Characteristics

Imports

advapi32

shell32

gdi32

user32

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 154KB - Virtual size: 156KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 154KB - Virtual size: 156KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB