f71094170178c6bda1ee0e0f54f98b23_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f71094170178c6bda1ee0e0f54f98b23_JaffaCakes118
Size

186KB
MD5

f71094170178c6bda1ee0e0f54f98b23
SHA1

3548047a7955de96252a0a21840a8f9ca8b3deb9
SHA256

cbaf8ed7bf0220deb5bf69f4b65bfe030424ac86d7e0a781b0b0bcd92da8e103
SHA512

befd15674874a2f705940a6f6e96eb59121719c632a957cfadc2f9dd77eebfb5c3779a5f505aa36e98baa4cd31a23b492f6ba172dc8677d445f5f159f21a555b
SSDEEP

3072:zUHqpj+iHwsE3+64QSuedh+wyYE8pCaHSJaDf+HyUaP/wooi:oZsE3+SSuYxN4gD+SX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f71094170178c6bda1ee0e0f54f98b23_JaffaCakes118

Files

f71094170178c6bda1ee0e0f54f98b23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3175b7144e464e0d374548d2703bbf42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
GetCurrentProcessId
GetCalendarInfoW
lstrcpyW
ReadFile
GetVersion
ConvertDefaultLocale
LocalFileTimeToFileTime
LoadLibraryW
DeleteFileW
GetLocaleInfoW
SetFileTime
CreateDirectoryW
FindClose
FindFirstFileW
CreateFileW
SystemTimeToFileTime
WriteFile
EnumResourceLanguagesW
EnumResourceNamesA
WideCharToMultiByte
InterlockedDecrement
SetFilePointer
ExitProcess
RemoveDirectoryW
MultiByteToWideChar
MoveFileW
GetModuleFileNameW
GetCurrentDirectoryW
GetSystemDefaultLangID
GetFileAttributesW
GetProcAddress

ole32

CoInitialize
CoRegisterMessageFilter
CoGetClassObject
OleInitialize
OleIsCurrentClipboard
OleUninitialize
CoRetireServer
CoTaskMemAlloc
CreateILockBytesOnHGlobal
OleFlushClipboard
CLSIDFromProgID
CoFreeUnusedLibraries
CoTaskMemFree
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoCreateInstance
CoUninitialize
StgOpenStorageOnILockBytes
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueW
RegSetValueExW
RegOpenKeyW
RegCloseKey
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW

shlwapi

PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

GetStockObject
GetMapMode
RectVisible
ScaleWindowExtEx
PtVisible
ExtSelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
GetDeviceCaps
TextOutW
Escape
SelectObject
GetTextColor
SetWindowExtEx
DeleteDC
ScaleViewportExtEx
GetBkColor
ExtTextOutW
GetRgnBox

user32

SendDlgItemMessageA
CopyAcceleratorTableW
RemovePropW
SetRect
RegisterWindowMessageW
WinHelpW
IsRectEmpty
GetNextDlgTabItem
InvalidateRect
CharNextW
MessageBeep
CharUpperW
CreateWindowExW
GetPropW
GetClassInfoExW
SetPropW
GetClassLongW
GetNextDlgGroupItem
InvalidateRgn
DestroyMenu

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3175b7144e464e0d374548d2703bbf42

Headers

File Characteristics

Imports

kernel32

ole32

oleacc

advapi32

shlwapi

shell32

gdi32

user32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 78KB - Virtual size: 78KB

.edata Size: 1024B - Virtual size: 68KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 78KB - Virtual size: 78KB

.edata
Size: 1024B - Virtual size: 68KB