f08c5ae5982b96ee017465aabde11cac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f08c5ae5982b96ee017465aabde11cac_JaffaCakes118
Size

184KB
MD5

f08c5ae5982b96ee017465aabde11cac
SHA1

5d03969b205881e4c19ddf1b3677d6439d64abe1
SHA256

beb72606a2ef745862c63c38fff87dfcae65c6377c12670b7970ded92ebd22e0
SHA512

2308d649ecab4b04c4892aa2479d7f75d931075c092c4121da0f5cc7888317cb15df14b772d157cd46d25326fa364b3101f97f30166a2f208e3277fd52acfbd1
SSDEEP

3072:peze2lPEAq+nhxVhQIkep77uaUY/w44Gnt2kv+/1xwTV+ALa:Uze2Or+n3Vnr7jUm3dF+txwJ1L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f08c5ae5982b96ee017465aabde11cac_JaffaCakes118

Files

f08c5ae5982b96ee017465aabde11cac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0e42b4f5cbc8f5e05011169629bc51e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperW
InvalidateRgn
GetNextDlgTabItem
RemovePropW
IsRectEmpty
CreateWindowExW
InvalidateRect
SendDlgItemMessageA
WinHelpW
GetClassInfoExW
GetPropW
RegisterWindowMessageW
CopyAcceleratorTableW
SetPropW
SetRect
CharNextW
GetClassLongW
GetNextDlgGroupItem
MessageBeep
DestroyMenu

kernel32

CreateFileW
ConvertDefaultLocale
ReadFile
GetCalendarInfoW
FindClose
DeleteFileW
CreateDirectoryW
GetThreadContext
GetModuleFileNameW
EnumResourceLanguagesW
FindNextFileW
SystemTimeToFileTime
MoveFileW
MultiByteToWideChar
lstrcpyW
GetLocaleInfoW
WriteFile
FindFirstFileW
EnumResourceNamesA
GetFileAttributesW
GetSystemDefaultLangID
SetFilePointer
LoadLibraryW
RemoveDirectoryW
ExitProcess
GetCurrentProcessId
GetVersion
SetFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
InterlockedDecrement
WideCharToMultiByte
GetProcAddress

shlwapi

PathFileExistsW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegCloseKey
RegEnumKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExW

gdi32

DeleteDC
PtVisible
GetDeviceCaps
OffsetViewportOrgEx
ExtSelectClipRgn
GetBkColor
GetStockObject
SelectObject
GetTextColor
Escape
ExtTextOutW
GetMapMode
SetWindowExtEx
ScaleViewportExtEx
RectVisible
SetViewportOrgEx
ScaleWindowExtEx
TextOutW
GetRgnBox

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoUninitialize
CoRevokeClassObject
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleUninitialize
CoInitialize
OleFlushClipboard
CoTaskMemFree
CoRegisterMessageFilter
CoTaskMemAlloc
CoCreateInstance
OleInitialize
StgCreateDocfileOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
CLSIDFromString

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0e42b4f5cbc8f5e05011169629bc51e

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

shell32

advapi32

gdi32

oleacc

ole32

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 75KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 75KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 244KB