ffd3b068cf6e24e1094e10b2e0b71134_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ffd3b068cf6e24e1094e10b2e0b71134_JaffaCakes118
Size

21KB
MD5

ffd3b068cf6e24e1094e10b2e0b71134
SHA1

ce480294c6e484fa61e5859841cd1e9c1e423060
SHA256

72f110c16dd885630d638d0994d1975718a72b30469369cce5460a4dca90c169
SHA512

2570437221796a84aa8b995a6f57fb34f5b936deaad6ff87ff756d5785c81270e82ab165fdf253d4b4e3886c3ad64de2e92e173f1e6665b2a45dc565e51afd52
SSDEEP

384:UPSO0QAKv+rJODy5GqFl+ygqnDbLgaQJKOnA/x0zRj8Pr8PgqJjxFFKD:UPUQ29OySy/LJQJ1A/x0zegs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffd3b068cf6e24e1094e10b2e0b71134_JaffaCakes118

Files

ffd3b068cf6e24e1094e10b2e0b71134_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f04d4e9ec170d6614a8d8e36a92d629f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyA
RegSetValueW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegQueryValueExA
RegCloseKey
RegQueryValueExW
RegOpenKeyA
RegOpenKeyExA
RegEnumKeyW
RegNotifyChangeKeyValue

user32

TranslateMessage
GetWindow
SystemParametersInfoA
IsWindow
SetWindowTextW
GetDC
MessageBoxW
BeginDeferWindowPos
GetScrollInfo
GetMenuState
PostQuitMessage
RegisterClassW
ShowWindow
DispatchMessageW
DestroyIcon

shlwapi

PathFindExtensionW
PathRemoveExtensionW
PathStripToRootW
PathFindFileNameW
PathIsUNCW

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetFileInfoW
ExtractIconW

comdlg32

GetFileTitleW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ShowHideMenuCtl

kernel32

GetVolumeInformationW
HeapFree
GlobalReAlloc
lstrlenW
FindNextFileW
ReadFile
DeleteFileW
MoveFileW
SetFilePointer
WriteFile
GlobalFree
FindResourceW
CreateEventW
TlsGetValue
lstrlenA
CreateFileW
LockFile
SizeofResource
GetShortPathNameW
lstrcpyA
FlushFileBuffers
GetModuleFileNameW
LockResource
Sleep
GetFullPathNameW
FindFirstFileW
DuplicateHandle
GetStringTypeExW
LeaveCriticalSection
HeapAlloc
GetVersionExW
SetEndOfFile
CopyFileW
GetUserDefaultLCID
UnlockFile
WideCharToMultiByte
FindClose
FormatMessageW
LoadResource
GlobalLock
EnterCriticalSection
GlobalSize
GetThreadLocale
GetProcessHeap
GetFileAttributesW
GlobalUnlock
WaitForSingleObject
GetSystemInfo
MulDiv
GetFileSize
GetCurrentProcessId
GlobalAlloc
GetFileAttributesA
CloseHandle
TerminateProcess
VirtualAlloc
GetCurrentProcess
lstrcmpiW
LoadLibraryA
GetLastError
CreateProcessW
LocalAlloc
SetLastError

ws2_32

WSAGetLastError

Sections

.data
Size: 7KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 473B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f04d4e9ec170d6614a8d8e36a92d629f

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

shell32

comdlg32

oleacc

version

comctl32

kernel32

ws2_32

Sections

.data Size: 7KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 24B

.text Size: 512B - Virtual size: 473B

.rsrc Size: 5KB - Virtual size: 4KB

.rdata Size: 7KB - Virtual size: 6KB

.data
Size: 7KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 24B

.text
Size: 512B - Virtual size: 473B

.rsrc
Size: 5KB - Virtual size: 4KB

.rdata
Size: 7KB - Virtual size: 6KB