5621052754467d8178619aabda9565c7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5621052754467d8178619aabda9565c7_JaffaCakes118
Size

136KB
MD5

5621052754467d8178619aabda9565c7
SHA1

c69a4d52b1594b89d2bdeb7791d8a7e02a669df1
SHA256

f410df631a87c6a63a1b91b25c0adf425958b0cb1f40527db4ab3960e1145623
SHA512

a5e30cc9d523d6ae39ebd15aad35157e62c228cfd73444c4fa8b30674fccf89738613da5eeb17811d86b311707a5c79519716270ef2bc3d9e5fd938b0adb514a
SSDEEP

3072:rzcpHezQ9vPw6nEC1fIhcT7kWpXexVSA2EjzdMix+rDayr5j:s9zFGcTdpQVbze5T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5621052754467d8178619aabda9565c7_JaffaCakes118

Files

5621052754467d8178619aabda9565c7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6eb935580be32a0ab60fa4f71555c616

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

IsCharSpaceA
SHRegEnumUSKeyA
StrDupW
StrCmpNA
StrDupA

shell32

SHGetSpecialFolderPathA
SHCreateDirectoryExW

kernel32

GetTempPathA
PulseEvent
GlobalMemoryStatus
SearchPathW
PeekNamedPipe
SetEndOfFile
SetEvent
GetCurrentThread
FindResourceExA
CopyFileW
GetNamedPipeInfo
lstrcatW
SetThreadPriority
ReleaseSemaphore
FindClose
_hwrite
FindAtomA
GetThreadPriority
WaitCommEvent
SetFileShortNameA
GetVersion
lstrcpyA
lstrcmpiW
GetSystemInfo
lstrcmpiA
GetSystemTimeAdjustment
SetLocalTime
GetModuleHandleW
lstrlenA
FindResourceA
FileTimeToLocalFileTime
_lopen
GetLocalTime
FormatMessageA
CompareFileTime
GetBinaryTypeA

user32

IsCharAlphaNumericW
GetDC
CharUpperA
MapDialogRect
SetActiveWindow
PrivateExtractIconsW
SetWindowPlacement
CharUpperBuffA
SetWindowPos
LookupIconIdFromDirectory
EndPaint
GetUpdateRgn
GetPropA
DeleteMenu
LoadCursorW
RemovePropA
SendMessageA
GetMenuItemInfoW
BeginPaint
TranslateMessage
LoadAcceleratorsW
GetCursorInfo
InvalidateRect
EnumPropsA
PeekMessageW
DestroyCursor
EnableScrollBar
PostMessageA
DispatchMessageA
SetWindowTextA
TranslateAcceleratorA

gdi32

InvertRgn
DeleteDC
Polyline
GetSystemPaletteEntries
GetTextExtentPointA
CreateScalableFontResourceA
SetBkColor
CreateBitmapIndirect
GetObjectType
DeleteObject
ExcludeClipRect
GetCharWidthW
CreateDCA
LineDDA
PtVisible
OffsetClipRgn
SetBoundsRect
SetSystemPaletteUse

advapi32

ObjectCloseAuditAlarmW
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmA
IsValidSid

Exports

Exports

_Copy_Bitmap@12
_Create_Bitmap@12
_Set_Bitmap@12
_Update_Bitmap@12

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vars
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IMPORTS
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6eb935580be32a0ab60fa4f71555c616

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.code Size: 4KB - Virtual size: 3KB

.vars Size: 1024B - Virtual size: 744B

IMPORTS Size: 3KB - Virtual size: 2KB

.rsrc Size: 117KB - Virtual size: 117KB

.reloc Size: 1024B - Virtual size: 582B

.text
Size: 9KB - Virtual size: 8KB

.code
Size: 4KB - Virtual size: 3KB

.vars
Size: 1024B - Virtual size: 744B

IMPORTS
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 117KB - Virtual size: 117KB

.reloc
Size: 1024B - Virtual size: 582B