5699b5b6220422897fe21369d823cc0a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5699b5b6220422897fe21369d823cc0a_JaffaCakes118
Size

73KB
MD5

5699b5b6220422897fe21369d823cc0a
SHA1

2c7e25bc16431538d5cb47a3c1f6445fb6af758e
SHA256

0d442e743d5784f564bdc4f2e48c6c3f83be4fff731e5d10780781bb57c75d72
SHA512

64f4c08ded0f858979d4885020eb7faf2f0acd950f91a337438f130630459f686a6c92e9178bc1d01363d014c8fcb3141cc1aefca1c6e3be8700f833622f09a1
SSDEEP

1536:7ripJax/MC1oomL209puLqJX15iJW4LRwNMN+WtTyqqu:70MM/20pSqacPMN+W0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5699b5b6220422897fe21369d823cc0a_JaffaCakes118

Files

5699b5b6220422897fe21369d823cc0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dedfc9edb0425fb01a2790e88692850a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconW
SHGetFolderPathA
SHFileOperationA
Shell_NotifyIconA
SHGetSpecialFolderLocation

oleaut32

VariantChangeType
RegisterTypeLib
GetErrorInfo
SafeArrayGetElement
SafeArrayCreate

kernel32

GetLastError
SizeofResource
ExitProcess
VirtualAllocEx
VirtualFree
GetCurrentThreadId
GlobalAlloc

user32

KillTimer
CheckMenuItem
IsChild
IsRectEmpty
IsDialogMessageA
SetWindowsHookExA
DefMDIChildProcA
CharNextA
ClientToScreen
SetWindowLongW
CharToOemA
DrawIconEx
InflateRect
IsDlgButtonChecked
GetWindowRect
SetRect
DrawIcon
GetKeyState
CallNextHookEx
CallWindowProcA
MsgWaitForMultipleObjects
GetCapture
IsCharUpperA
SetClassLongA
GetParent
SendMessageW
InsertMenuA
GetWindowTextA
GetIconInfo
EnumWindows
GetScrollInfo
IsWindowVisible
IsDialogMessageW
EnableMenuItem
GetScrollRange
GetActiveWindow
SetScrollRange
EnumChildWindows
GetWindowPlacement
PostQuitMessage
CharUpperA
SetClipboardData
DeleteMenu
CreateMenu
SetScrollInfo
InvalidateRect
EqualRect
IsCharLowerA
TranslateMessage
CreateIcon
GetKeyNameTextA
CharUpperBuffA
GetMenu
SetFocus
SendMessageA
WindowFromPoint
wsprintfA
GetCursor
IsMenu
PtInRect
ShowOwnedPopups
DestroyWindow
EnableWindow
GetSysColorBrush
GetSystemMetrics
SetWindowPlacement
IsWindow
RegisterClipboardFormatA
IsWindowEnabled
ChildWindowFromPoint
MapVirtualKeyA

Exports

Exports

_UsECh
nwt3SiyP
_ZXoMD_e@4
hhGVTfBFvX8Bkg
VpyBHJ
sRBYHqrlCdlJ@16
TbmruZSpk@4
_LR9UUJd2R_Uipp
7aj4Bv0MJmuMfD
svpZdcWj1L3Pu
_hNIcVqqri5HGw@4
_iPa3SNw
_BZssJoUy_
_G4_H1j3AxTx5
_xK6POm@20
_GgbM2LuzD7al
VYIZgW3of@4
GiG7y_dFXa_

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dedfc9edb0425fb01a2790e88692850a

Headers

File Characteristics

Imports

shell32

oleaut32

kernel32

user32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 51KB - Virtual size: 87KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 51KB - Virtual size: 87KB

.rsrc
Size: 4KB - Virtual size: 4KB