b84100b50a883ab9f16176d2382cc13e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b84100b50a883ab9f16176d2382cc13e_JaffaCakes118
Size

379KB
MD5

b84100b50a883ab9f16176d2382cc13e
SHA1

6f290c5dcffe16d6114fc21d3c77ef230e7c9aa3
SHA256

64bb93f682999358b0a45a70851d90ff5f3448633cf4ce1a43e374be6680200e
SHA512

d8e64b47ba64ff5f07c398dbe34f5e4c2cdcad16a6bee3f68d540d60bf130f5279cd318be55531a65af69114b9dd20ce2b5d849a0756bba48b5d74060a172b9f
SSDEEP

6144:e8/y1i0Ake/A7/ca/cp4gfjlP2crPKOQaL70wx9EXo+WQKWNN:615Aj/Aj7gblPiaLYWSFb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b84100b50a883ab9f16176d2382cc13e_JaffaCakes118

Files

b84100b50a883ab9f16176d2382cc13e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80ebc956cf9a6486a46333d3e5eaad32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW

advapi32

RegQueryValueExA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA

comctl32

ord16
ImageList_Destroy
FlatSB_GetScrollInfo
ord17

kernel32

WaitForSingleObject
GetSystemDirectoryA
GetCommandLineA
CreateFileA
GetLastError
GetProcAddress
WritePrivateProfileStringA
lstrcmpA
GetModuleFileNameA
GetTempFileNameA
GetVersion
GetTempPathA
lstrlenA
GetShortPathNameA
FindNextFileA
GetExitCodeProcess
SetFileAttributesA
FindClose
GetFileSize
GetFullPathNameA
GetTickCount
RemoveDirectoryA
GetModuleHandleA
LoadLibraryExA
CreateDirectoryA
FreeLibrary
lstrcpynA
MulDiv
MoveFileA
GetWindowsDirectoryA
GlobalAlloc
LoadLibraryA
Sleep
CompareFileTime
ReadFile
ExitProcess
GlobalLock
CopyFileA
GetDiskFreeSpaceA
GetPrivateProfileStringA
SetErrorMode
CloseHandle
GetCurrentProcess
FindFirstFileA
GlobalUnlock
WriteFile
SetFileTime
SearchPathA
DeleteFileA
lstrcatA
SetFilePointer
CreateThread
ExpandEnvironmentStringsA
GetFileAttributesA
GlobalFree
CreateProcessA
SetCurrentDirectoryA

ole32

IsAccelerator
OleUninitialize
CoLockObjectExternal
OleInitialize
CoCreateInstance
CoTaskMemFree

shell32

SHGetPathFromIDListA
SHGetFileInfoA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHFileOperationA

gdi32

DeleteObject
SetBkMode
SelectObject
CreateFontIndirectA
GetDeviceCaps
SetTextColor
SetBkColor
CreateBrushIndirect

user32

PeekMessageA
SetWindowLongA
TrackPopupMenu
LoadBitmapA
GetWindowLongA
GetClassInfoA
SetTimer
PostQuitMessage
SetClassLongA
DrawTextA
SetForegroundWindow
CheckDlgButton
RegisterClassA
CreatePopupMenu
GetWindowRect
SetClipboardData
GetSystemMetrics
CreateWindowExA
OpenClipboard
DispatchMessageA
GetDC
MessageBoxIndirectA
ScreenToClient
IsWindowVisible
SetWindowPos
ShowWindow
SetDlgItemTextA
ExitWindowsEx
SystemParametersInfoA
GetMessagePos
IsWindow
GetSysColor
EndDialog
EndPaint
GetDlgItem
GetDlgItemTextA
CloseClipboard
wsprintfA
GetSystemMenu
DialogBoxParamA
GetClientRect
SetWindowTextA
SetCursor
CallWindowProcA
SendMessageTimeoutA
InvalidateRect
BeginPaint
EnableWindow
FindWindowExA
EmptyClipboard
FillRect
SendMessageA
IsWindowEnabled
DestroyWindow
DefWindowProcA
LoadImageA
CharNextA
CreateDialogParamA
CharPrevA
LoadCursorA
AppendMenuA

Sections

.text
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80ebc956cf9a6486a46333d3e5eaad32

Headers

File Characteristics

Imports

version

advapi32

comctl32

kernel32

ole32

shell32

gdi32

user32

Sections

.text Size: 70KB - Virtual size: 72KB

.data Size: 55KB - Virtual size: 55KB

.rdata Size: 209KB - Virtual size: 208KB

.bss Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 54B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 70KB - Virtual size: 72KB

.data
Size: 55KB - Virtual size: 55KB

.rdata
Size: 209KB - Virtual size: 208KB

.bss
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 54B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 38KB - Virtual size: 37KB