e98c165a7bd851804792f9357eca4129_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e98c165a7bd851804792f9357eca4129_JaffaCakes118
Size

674KB
MD5

e98c165a7bd851804792f9357eca4129
SHA1

574b9f0bcd3dbf373161cf13d45e31f0f1e76c42
SHA256

1ad874fcde1fcd81f3eddd257b8b5c1808b5841bb1c63b4f241fe8db564ca761
SHA512

d6dc79d4eda14e47a67161781a283c689dd794f89169956f9cbf65d8c433b24a21c2fb7441084741afd3273553f32e0478dbf54efcb443750ec9b7b0eee7bba6
SSDEEP

12288:BOpJCB05T8tcohm04b+JTh8XpuLlfF/Cm0VzSKWAJmX/Ys:BOa05AtcrM8XEhfFa0Es

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e98c165a7bd851804792f9357eca4129_JaffaCakes118

Files

e98c165a7bd851804792f9357eca4129_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8607bdf6394ad2255a1c6cf45283700f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
WideCharToMultiByte
lstrlenW
ExitProcess
InterlockedIncrement
InterlockedDecrement
DebugBreak
OutputDebugStringA
GetStringTypeExA
GetThreadLocale
CreateDirectoryA
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GetSystemDefaultLangID
FormatMessageA
FreeLibrary
LoadLibraryA
WriteFile
RemoveDirectoryA
lstrcmpiA
GetVersionExA
SetLastError
GetCurrentProcess
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
HeapCreate
InitializeCriticalSection
FlushInstructionCache
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
GetExitCodeProcess
CreateProcessA
CompareStringA
GetFileAttributesA
WaitForSingleObject
GetTickCount
lstrlenA
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceA
MultiByteToWideChar
FindFirstFileA
lstrcmpA
FindNextFileA
FindClose
SetFileAttributesA
RtlUnwind
CreateFileA
SetFileTime
ReadFile
CloseHandle

user32

GetParent
GetWindowLongA
DialogBoxParamA
GetActiveWindow
CharUpperA
MsgWaitForMultipleObjects
SendMessageA
GetClientRect
GetWindow
GetWindowRect
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
EnumChildWindows
PeekMessageA
TranslateMessage
DispatchMessageA
LoadStringA
SystemParametersInfoA
MapWindowPoints
SetWindowLongA
GetDlgCtrlID
CheckDlgButton
GetSystemMetrics
SetFocus
wvsprintfA
CharNextA
SetWindowPos
IsWindow
GetWindowTextLengthA
GetWindowTextA
SetTimer
LoadImageA
GetSysColorBrush
IsDlgButtonChecked
EnableWindow
MessageBoxA
EndDialog
GetDlgItem
SetWindowTextA
ShowWindow

gdi32

CreateDIBSection
AddFontResourceA

advapi32

RegCreateKeyExA
OpenSCManagerA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
CreateServiceW
CloseServiceHandle

shell32

ShellExecuteExA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

OleUninitialize
StringFromGUID2
CLSIDFromProgID
CoCreateInstance
OleInitialize

oleaut32

SysAllocString
VariantCopy
VariantClear
VariantChangeType
VariantCopyInd
SysStringLen
SysAllocStringLen
SysFreeString
RegisterTypeLi
LoadTypeLi
BstrFromVector
VariantInit

comctl32

ord17

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8607bdf6394ad2255a1c6cf45283700f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB