f120055153a0052750cc857eac3dbbd4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f120055153a0052750cc857eac3dbbd4_JaffaCakes118
Size

362KB
MD5

f120055153a0052750cc857eac3dbbd4
SHA1

48717d893ca247291fb0593d63b9c478b2fe02c3
SHA256

559f587d8e17bfbea1ecb5fdc0140f465a56fcaf4fd60a3935792c55342732c7
SHA512

f3fb8caabe0e538f37c729b8506d7f317f1c3523d9b8ed8734a7f8fd08baa3f9920834978436609fc226b4f4c64c6b21c7b964d34b9deeaacd16bec358c6cdbe
SSDEEP

6144:h0gc62VEl1VTTTg/0+mQHo7APaxzcpC7B/SV/57gufHuHHdrHWLuI8UA:GgCVEfV3TgIQH3ax2k/Abx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f120055153a0052750cc857eac3dbbd4_JaffaCakes118

Files

f120055153a0052750cc857eac3dbbd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1237459cf31ac6ef4fbbd222328af0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowLongA
SetForegroundWindow
SetDlgItemTextA
SetDlgItemInt
SetClipboardData
SetCapture
SetActiveWindow
SendMessageA
ScreenToClient
ReleaseCapture
RegisterClipboardFormatA
PtInRect
OpenClipboard
MoveWindow
SetWindowTextA
MessageBeep
LoadIconA
IsDlgButtonChecked
IsClipboardFormatAvailable
InvalidateRect
GetWindowTextLengthA
GetWindowRect
GetWindowLongA
GetTitleBarInfo
GetSystemMetrics
GetParent
GetMenuStringA
GetKeyState
ShowWindow
TrackPopupMenu
UpdateWindow
MessageBoxA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameA
GetCapture
GetActiveWindow
FindWindowA
EnumChildWindows
EndDialog
EnableWindow
EnableMenuItem
EmptyClipboard
DialogBoxParamA
DestroyMenu
CreateWindowExA
CreatePopupMenu
CreateDialogParamA
CloseClipboard
CheckDlgButton
CharLowerA
CallWindowProcA
AppendMenuA
wsprintfA

kernel32

OpenProcess
CreateToolhelp32Snapshot
Process32First
WriteFile
Process32Next
FlushFileBuffers
lstrlenA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WritePrivateProfileStringA
WinExec
WaitForSingleObject
VirtualProtectEx
VirtualFree
VirtualAlloc
UnmapViewOfFile
TerminateProcess
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetFileAttributesA
SetEnvironmentVariableA
RtlZeroMemory
RtlMoveMemory
ReadProcessMemory
ReadFile
MapViewOfFile
LoadResource
LoadLibraryExA
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersion
GetTempPathA
GetSystemTime
CloseHandle
CompareStringA
CreateFileA
CreateFileMappingA
CreateProcessA
CreateThread
DeleteFileA
EnumResourceNamesA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FreeLibrary
GetCommandLineA
GetFileAttributesA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress

shell32

DragAcceptFiles
ShellExecuteA
DragQueryFileA
DragFinish

advapi32

RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA

gdi32

SelectObject
CreateSolidBrush
GetObjectA
GetStockObject
SetTextColor
SetBkMode
RoundRect
CreateFontIndirectA

comctl32

InitCommonControls

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 238KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1237459cf31ac6ef4fbbd222328af0a

Headers

File Characteristics

Imports

user32

kernel32

shell32

advapi32

gdi32

comctl32

comdlg32

Sections

.text Size: 78KB - Virtual size: 78KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 238KB - Virtual size: 405KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 238KB - Virtual size: 405KB

.rsrc
Size: 40KB - Virtual size: 40KB