ed788f19d1d1c5d1b8c979c6ae0f274e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ed788f19d1d1c5d1b8c979c6ae0f274e_JaffaCakes118
Size

176KB
MD5

ed788f19d1d1c5d1b8c979c6ae0f274e
SHA1

43b28d68275f4697f198827c9fb8bc0b53848160
SHA256

677475e88459a2cebb190d9376d434ac41efc4116a07baa11dbd09f7df543682
SHA512

6fa8859219a478aa8e7d6e6af8f642166c7f34bdf6b5b56999f8ae046a32010409a2a1a510dc52eab1699947e242145721800b7fb393857f7f328562e2dae847
SSDEEP

3072:I76siZ866e2YeHq2ECguCCMSc0win4r35xycxF5Z6Y4RpPJRybU64RfJOajTX:I7Fc6ID2YuCCMSc0wES3P5hKPJRB649P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed788f19d1d1c5d1b8c979c6ae0f274e_JaffaCakes118

Files

ed788f19d1d1c5d1b8c979c6ae0f274e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

29a9f40809dcc8014c476d39135aded5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathGetCharTypeA
SHSetValueA
SHQueryValueExA

version

VerInstallFileA

oleaut32

SysReAllocStringLen
SysStringLen
GetErrorInfo
SysFreeString
OleLoadPicture
RegisterTypeLib
SafeArrayPtrOfIndex

ole32

OleRegGetUserType
CoUnmarshalInterface
GetHGlobalFromStream
WriteClassStm
CoCreateFreeThreadedMarshaler
CoDisconnectObject
CreateOleAdviseHolder
PropVariantClear

gdi32

GetClipBox
GetCurrentPositionEx
GetBkMode
GetDIBits

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_GetBkColor
ImageList_Read
ImageList_Create
ImageList_Remove

user32

InsertMenuItemA
CreateMenu
GetClientRect
GetSubMenu
UnregisterClassA
GetIconInfo
OffsetRect
RemoveMenu
SetFocus
UpdateWindow
EndPaint
GetWindowDC
EnumWindows
MapVirtualKeyA
IsDlgButtonChecked
GetScrollRange
RegisterClassA
GetKeyboardLayout
GetKeyboardLayoutList
PostMessageA
IsChild
EnableWindow
IsZoomed
BeginPaint
RemovePropA
EnableMenuItem
CharNextA
TranslateMDISysAccel
GetSystemMenu
WaitMessage
GetWindowTextLengthA
CharUpperA
RegisterWindowMessageA
DeleteMenu
WindowFromPoint
GetClassNameA
GetWindowThreadProcessId
FillRect
GetSysColorBrush
CheckMenuItem
SetCapture
IsDialogMessageA
SetWindowTextA
CloseClipboard
GetCursor
GetKeyboardLayoutNameA
InvalidateRect
GetCursorPos
CharLowerBuffA
MessageBeep
SetWindowLongW
DrawEdge
IsWindowEnabled
DrawFrameControl
SetScrollPos
InflateRect
PostQuitMessage
GetWindowLongW
SetParent
IsRectEmpty
GetScrollPos
IsMenu
PeekMessageA
CallWindowProcA
SystemParametersInfoA
InsertMenuA
IsWindow
CharToOemA
GetMenuItemCount
SetRect
SendMessageW
ClientToScreen
GetLastActivePopup
OpenClipboard
GetMenuItemInfoA
GetActiveWindow
SetWindowPos
GetWindowPlacement
GetTopWindow
ScrollWindow
DefWindowProcA
GetMenuStringA
SetWindowLongA
DispatchMessageW
GetWindow
FrameRect
GetDCEx
ShowOwnedPopups
RegisterClipboardFormatA
SetClassLongA
MsgWaitForMultipleObjects
CharNextW
OpenIcon
DestroyMenu

shell32

SHFileOperationA
Shell_NotifyIconW
SHGetFolderPathA
SHGetSpecialFolderLocation
SHGetDiskFreeSpaceA

advapi32

GetUserNameA
RegOpenKeyA
RegEnumKeyA
GetLengthSid

kernel32

VirtualAllocEx
WideCharToMultiByte
ExitProcess
VirtualFree
GlobalAlloc
VirtualQuery

Exports

Exports

_Pj7yfMNvW7xyG@4
Ao70awm7rh
eyXulr6@8
_S9Cnz1EDhI
_9cxado@12
_KdJ3t1p38iU
_USq2uMNj
1cR4k3oPPB3
_dWKAht0eY
0RtYcU6JuTo@24
vnl1g1AHs2Q
_PBPzTN9TI
_66v2zH4cros
_uEhUcBwbzcecG
VmY9U9jSKE
71c95G66ngz@12
i6edECwlbFI@8
_dpiLX2BF@12
g3m5o5O
Qn2Sv
dq5Gr
_79UcS_1ho
aJ6wf6GfLkz
_kAIYzSEt
6NdRR31
_c4J75
QUsDS1m8nux
_c9eus0vJz4yaKO@8
_wN3us3_@8
L46Lg
_DOTqsH_VFm
BYBvyd@4
u2iY5QL7@12
_YBSXe8TpTFO
_6wlF

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.data
.rdata
.reloc
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text

Sharing

General

Malware Config

Signatures

Files

29a9f40809dcc8014c476d39135aded5

Headers

File Characteristics

Imports

shlwapi

version

oleaut32

ole32

gdi32

comctl32

user32

shell32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 150KB - Virtual size: 298KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 150KB - Virtual size: 298KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 2KB