4502cb0c6d11bcc0041b5e3e9579dc13_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4502cb0c6d11bcc0041b5e3e9579dc13_JaffaCakes118
Size

217KB
MD5

4502cb0c6d11bcc0041b5e3e9579dc13
SHA1

cfb797571e3892300bcf1f6749994f8d0f0563a1
SHA256

da2b1157f7f0d3b8a6fb906aeda195fbeca9b237f6c028d8b2a2a3c6f69b3835
SHA512

777d15648d37a11ba46d2f08e2a1ffc0e25cb0086f414e4f06e4b7c619551182613e3ae3550151b30cd4f0207ba54ce0525ed899cfca8efd96c568dcfde9b2fd
SSDEEP

3072:hOwL+c+D/LGuF3HXDWNyfAaorUX0VQlBB9VG:5azb3yrYX6SBw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4502cb0c6d11bcc0041b5e3e9579dc13_JaffaCakes118

Files

4502cb0c6d11bcc0041b5e3e9579dc13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2949ab9174585ff57a12b6b540d99a57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EmptyClipboard
EqualRect
FillRect
GetClientRect
GetDesktopWindow
GetMenuItemID
GetWindowRect
IsZoomed
KillTimer
LoadStringA
SendDlgItemMessageA
SetScrollInfo
SetWindowPos

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindowA
CreateToolbarEx
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_Write
PropertySheetA

gdi32

CopyEnhMetaFileA
CreateDIBSection
CreateICA
CreatePatternBrush
CreateRectRgnIndirect
ExtEscape
ExtTextOutW
GetCharWidthW
GetTextExtentPoint32W
PolyDraw
ScaleWindowExtEx
SetColorAdjustment
SetWinMetaFileBits
StrokeAndFillPath
TranslateCharsetInfo

kernel32

CompareFileTime
DeleteFileW
DuplicateHandle
ExitThread
FindNextFileA
FreeLibrary
FreeResource
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetLocaleInfoA
GetSystemDirectoryA
GetTempPathA
GetThreadLocale
GetVersionExW
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
IsBadWritePtr
LCMapStringW
LoadLibraryExA
LocalFileTimeToFileTime
RaiseException
SetEvent
TlsGetValue

shell32

CommandLineToArgvW
DragAcceptFiles
DragQueryFile
DragQueryFileW
ExtractAssociatedIconW
ExtractIconExW
FindExecutableW
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHFileOperationA
SHGetFileInfoA
SHGetFolderPathW
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ShellExecuteExA
ShellExecuteW

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

i8gcu9Il
Size: 1KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2949ab9174585ff57a12b6b540d99a57

Headers

File Characteristics

Imports

user32

comctl32

gdi32

kernel32

shell32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 22KB - Virtual size: 21KB

i8gcu9Il Size: 1KB - Virtual size: 120KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 22KB - Virtual size: 21KB

i8gcu9Il
Size: 1KB - Virtual size: 120KB