51f8c38257d6dd538c4ce85ee403cf4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

51f8c38257d6dd538c4ce85ee403cf4e_JaffaCakes118
Size

99KB
MD5

51f8c38257d6dd538c4ce85ee403cf4e
SHA1

9a7e016f2fb6bdd2a2ebf2ec27c5f54b44a5dfb7
SHA256

c5e1433ab62f3e51ab700c107626b25b9ac3ca58afdd25f8fe1a5257aa76e5f6
SHA512

80b9b47a707a1cf257e4a286af3403cac16f2e734e48da65e168e44f4816f4a37fffdbb251af35a92b41d8471374d4e68f7eaf92bb5e71efb765ccbcbc38eee9
SSDEEP

1536:Q04jIdn2hQ4SE3ZewJCIdOKikgMtVWgyhEzF3/O84EJhdY56eU97:2o2adE3c4TOKiktpyqxNjJhdYI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51f8c38257d6dd538c4ce85ee403cf4e_JaffaCakes118

Files

51f8c38257d6dd538c4ce85ee403cf4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c4588c67eea78691a8a5aaf2ecfb9b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsChild
GetForegroundWindow
ShowWindow
GetSysColorBrush
GetScrollInfo
DrawTextA
HideCaret
SetWindowLongA
GetMessagePos
GetDesktopWindow
GetScrollRange
GetMenu
GetSubMenu
IsMenu
GetClassLongA
GetParent
CharLowerBuffA
GetDCEx
GetActiveWindow
SystemParametersInfoA
GetMenuItemID
CharLowerA
GetMenuItemInfoA
CreateIcon
CreateWindowExA
DrawIcon
FrameRect
IsDialogMessageA
GetPropA
EnumThreadWindows
CreatePopupMenu
GetMenuItemCount
DispatchMessageA
EnableScrollBar
GetFocus
CallWindowProcA
SetWindowPos
IsWindowVisible
EnableWindow
DefMDIChildProcA
GetWindow
IsWindowEnabled
SetWindowTextA
GetSysColor
DrawIconEx
DrawFrameControl
GetWindowTextA
MessageBoxA
EndDeferWindowPos
GetClassInfoA
GetDC
GetScrollPos
GetClipboardData
GetLastActivePopup
SetTimer
RegisterClassA
EndPaint
SetCursor
GetCursorPos
TrackPopupMenu
CheckMenuItem
DrawMenuBar
GetMenuStringA
ShowScrollBar
EnableMenuItem
GetIconInfo
GetDlgItem
CreateMenu
FindWindowA

kernel32

SetFilePointer
MoveFileExA
VirtualQuery
LockResource
GetLocaleInfoA
FormatMessageA
FindClose
lstrcpynA
WriteFile
GetCurrentThreadId
DeleteCriticalSection
GetCommandLineA
lstrlenA
GetUserDefaultLCID
GetFileSize
GetVersion
lstrcmpA
Sleep
EnterCriticalSection
GetStdHandle
SetThreadLocale
lstrcmpiA
GetCurrentProcessId
LoadLibraryExA
GetFileAttributesA
GetACP
SetLastError
GetLastError
GetVersionExA
GetCurrentThread
GetSystemDefaultLangID
ReadFile
GetModuleHandleA
GetFullPathNameA
GetTickCount
GlobalAlloc
CreateEventA
VirtualAlloc
GetProcAddress
VirtualAllocEx
HeapFree
SetEndOfFile
WaitForSingleObject
FreeResource
GlobalDeleteAtom
GetStringTypeA
HeapDestroy
EnumCalendarInfoA
LoadLibraryA
GetDiskFreeSpaceA
CreateFileA
GetOEMCP
GetModuleFileNameA
GetLocalTime
InitializeCriticalSection
GetCPInfo
CreateThread
GetEnvironmentStrings
GlobalFindAtomA
ExitProcess
ExitThread
ResetEvent
SetEvent
LoadResource
SetErrorMode
CompareStringA

msvcrt

log
calloc
memcpy

shell32

SHFileOperationA

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c4588c67eea78691a8a5aaf2ecfb9b8

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

shell32

Sections

.text Size: 41KB - Virtual size: 41KB

.bss Size: 4KB - Virtual size: 3KB

.init Size: 51KB - Virtual size: 50KB

.rdata Size: 1024B - Virtual size: 842B

.text
Size: 41KB - Virtual size: 41KB

.bss
Size: 4KB - Virtual size: 3KB

.init
Size: 51KB - Virtual size: 50KB

.rdata
Size: 1024B - Virtual size: 842B