2d95b47485866bdfb83c4240a6e89a88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d95b47485866bdfb83c4240a6e89a88_JaffaCakes118
Size

208KB
MD5

2d95b47485866bdfb83c4240a6e89a88
SHA1

02c44e16063eb48a7402488a927986ce0e127dad
SHA256

125a1b5cd21522d0f1f1a8fa5d691df86378a0f4fe104ac7df0dd47f72fecb00
SHA512

9fe60787992e18d6f4ac5508ec81ffbfa67c5cbe5e68a9b5ef633fb40d3686dddf91f26a13dcb83c791a109d6d8f84a66881210f16424bc2f5133dea34888836
SSDEEP

3072:fZYlxKzJt4Jn9y/swvq6ixW2TLYPe7O7tiGrJ2A5rxvJg/3oqT:Gl8OnCs5/YPe7O7tiGrkyQ/3n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d95b47485866bdfb83c4240a6e89a88_JaffaCakes118

Files

2d95b47485866bdfb83c4240a6e89a88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

118a8c006807060c62c484d404b6d9cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDIBPatternBrushPt
CreateFontIndirectA
EndPage
EnumFontFamiliesA
IntersectClipRect
MoveToEx
OffsetClipRgn
OffsetWindowOrgEx
Rectangle
SetTextJustification
SetViewportExtEx
SetWindowOrgEx

shell32

DragAcceptFiles
DragQueryFile
ExtractIconW
SHBrowseForFolderW
SHCreateDirectoryExA
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfoA
SHGetFolderLocation
ShellExecuteW
Shell_NotifyIconA

comctl32

CreatePropertySheetPageA
ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_SetBkColor
InitializeFlatSB

user32

CharLowerA
CheckMenuItem
CreatePopupMenu
EnableWindow
GetActiveWindow
GetClassNameA
GetMenuStringA
GetSystemMetrics
GetWindowRect
IsDialogMessageA
IsWindowVisible
MessageBeep
MessageBoxA
PostQuitMessage
SendDlgItemMessageA
SetScrollPos
SetWindowsHookExA
ShowCursor
ShowWindow
TranslateMessage

kernel32

FindResourceW
GetACP
GetFileSize
GetFileType
GetLastError
GetOEMCP
GetStartupInfoW
GetSystemDirectoryW
GetTimeZoneInformation
InterlockedCompareExchange
MulDiv
SetEvent
SetThreadLocale
SetUnhandledExceptionFilter
TlsGetValue

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ri3M20yS
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

118a8c006807060c62c484d404b6d9cd

Headers

File Characteristics

Imports

gdi32

shell32

comctl32

user32

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

Ri3M20yS Size: 512B - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

Ri3M20yS
Size: 512B - Virtual size: 120KB