38044068b4ca32931d3c8ee4ea608a7c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

38044068b4ca32931d3c8ee4ea608a7c_JaffaCakes118
Size

282KB
MD5

38044068b4ca32931d3c8ee4ea608a7c
SHA1

abab7f6da4835a32374c643bfad9fcaf30055777
SHA256

7e1e47c0d303142cebd1353cf108e36ea28a81a51679c269dcf1ded1e37ed1ac
SHA512

aa999fbe269d34715cfeb783856d196caaffa6225d8ce751279ff9cddf1fab648e904fa5618d7877e55c9434b7e47f291a1a0081f444d8af25f498b80b88c08b
SSDEEP

3072:ze07uBekY9cpybzXUNFo5ml7fntLRt5ztco6nY3/lOV8FaqTf9a1yKC4:d6YPCpEXc+ItttJ6Y3NXaYla1yW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38044068b4ca32931d3c8ee4ea608a7c_JaffaCakes118

Files

38044068b4ca32931d3c8ee4ea608a7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31d6731352cd75c23457dc40ac56b9cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragAcceptFiles
DragQueryFileA
ExtractAssociatedIconW
ExtractIconA
ExtractIconW
SHAppBarMessage
SHBrowseForFolder
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExA
SHFileOperationA
SHFileOperationW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfoA
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteW

gdi32

BitBlt
CreateICW
CreatePenIndirect
DeleteMetaFile
DeleteObject
Ellipse
ExtCreatePen
ExtCreateRegion
GetEnhMetaFileBits
GetRegionData
GetTextExtentPoint32W
GetTextFaceW
InvertRgn
LineTo
PatBlt
Polyline
RealizePalette
RoundRect
SaveDC
SetMapMode
SetTextAlign
SetTextCharacterExtra
SetViewportOrgEx
SetWindowOrgEx

user32

AdjustWindowRectEx
CreatePopupMenu
CreateWindowExA
DestroyIcon
EnableMenuItem
EnumWindows
GetClassInfoA
GetCursorPos
GetIconInfo
GetSystemMenu
IsDialogMessageA
IsZoomed
LoadBitmapA
PostMessageA
PtInRect
SendMessageA
SetClipboardData
TranslateMessage

kernel32

FindNextFileW
FormatMessageA
GetCurrentDirectoryA
GetFileSize
GetFullPathNameA
GetOEMCP
GetStringTypeA
InitializeCriticalSection
InterlockedExchange
IsDebuggerPresent
ReadFile
RemoveDirectoryA
SetErrorMode
SizeofResource
TlsAlloc
WaitForMultipleObjects
WriteFile

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DpGxHHnz
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

31d6731352cd75c23457dc40ac56b9cd

Headers

File Characteristics

Imports

shell32

gdi32

user32

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 22KB - Virtual size: 21KB

DpGxHHnz Size: 2KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 22KB - Virtual size: 21KB

DpGxHHnz
Size: 2KB - Virtual size: 120KB