Static task: static1
Behavioral task: behavioral1
Sample: 07ea56dffe998e636a344f279ad85dc9_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 07ea56dffe998e636a344f279ad85dc9_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 07ea56dffe998e636a344f279ad85dc9_JaffaCakes118
Size: 427KB
MD5: 07ea56dffe998e636a344f279ad85dc9
SHA1: 9dfebc1ab95c024bf0dda14ee21710a916dfb784
SHA256: 74d85d934731914ffff20b045c3006e9ae471c1f6f4dfd4c7ada99e8beed6861
SHA512: 402b013dd64e3cf1e1d8a11262614fff7706aa4266b0ba71ca353cb7279417942ff92c256809a692d080d289868cf85ab08532b402d7111ee70067411561cf94
SSDEEP: 6144:TsROllBd+Rybb8bP8vlw6Y95VGzQJmsouMEwcxsdnikirZC+P6/bRPzkbA:57Bd+IIbUwQemshEQrZvP6/C
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 07ea56dffe998e636a344f279ad85dc9_JaffaCakes118
Files
07ea56dffe998e636a344f279ad85dc9_JaffaCakes118.exe windows:4 windows x86 arch:x86
9a55ba77c3901c6f0432d9c22b58df7e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
GetSaveFileNameA
ChooseColorW
GetFileTitleA
GetFileTitleW
FindTextW
GetOpenFileNameW
PrintDlgW
ChooseFontA
PageSetupDlgA
LoadAlterBitmap
ChooseFontW
PageSetupDlgW
GetSaveFileNameW
FindTextA
GetOpenFileNameA
ReplaceTextW
ReplaceTextA
shell32
SheGetDirA
SHGetSpecialFolderPathW
SHUpdateRecycleBinIcon
SHGetNewLinkInfo
SHChangeNotify
SHGetInstanceExplorer
DragAcceptFiles
SheChangeDirA
RealShellExecuteExA
SHGetFileInfoW
ExtractAssociatedIconExW
advapi32
RegSaveKeyA
CryptAcquireContextW
AbortSystemShutdownA
RegCreateKeyA
RegQueryInfoKeyA
CryptVerifySignatureA
CryptGenRandom
RegSetValueExA
RegEnumValueA
RegSetKeySecurity
LogonUserW
CryptCreateHash
RegDeleteKeyA
CreateServiceW
RegDeleteValueA
CryptDestroyHash
LookupPrivilegeDisplayNameW
RegDeleteValueW
RegQueryValueExA
InitiateSystemShutdownW
RegEnumKeyExW
RegQueryMultipleValuesW
CryptExportKey
CryptEnumProviderTypesA
user32
DrawStateA
OemKeyScan
ChangeMenuA
UnhookWinEvent
GetMessagePos
ChildWindowFromPointEx
CharLowerW
DdeInitializeW
InSendMessageEx
DlgDirListComboBoxW
DestroyCursor
kernel32
DeleteCriticalSection
MultiByteToWideChar
GetTickCount
LCMapStringW
HeapAlloc
TlsFree
GetLocaleInfoA
FreeEnvironmentStringsW
GetCPInfo
GetTimeFormatA
GetACP
TlsSetValue
GetFileType
SetThreadLocale
HeapFree
SetConsoleMode
InitializeCriticalSection
VirtualQuery
EnumSystemLocalesA
InterlockedIncrement
EnumResourceTypesW
HeapReAlloc
GetModuleHandleA
GetOEMCP
GetVersionExA
InterlockedDecrement
FlushViewOfFile
GetEnvironmentStringsW
GetCommandLineA
TlsAlloc
GetCommandLineW
SetConsoleCtrlHandler
GetDateFormatA
IsValidLocale
GetLastError
HeapSize
GetModuleFileNameW
WideCharToMultiByte
SetLastError
LeaveCriticalSection
GetStdHandle
GetStringTypeA
GetCurrentThreadId
HeapCreate
RtlUnwind
IsDebuggerPresent
FreeLibrary
GetStringTypeW
GetCurrentProcess
GetSystemTimeAsFileTime
GetStartupInfoA
WriteFile
FindAtomW
TlsGetValue
GetTempFileNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringA
AddAtomA
InterlockedExchange
GetStartupInfoW
CompareStringW
FreeEnvironmentStringsA
GetAtomNameA
EnterCriticalSection
LoadLibraryA
IsValidCodePage
ExitProcess
MoveFileW
GetLocaleInfoW
WaitCommEvent
Sleep
QueryPerformanceCounter
GetProcessHeap
GetUserDefaultLCID
GetTimeZoneInformation
VirtualFree
GetModuleFileNameA
GetEnvironmentStrings
SetEnvironmentVariableA
GetCurrentThread
TerminateProcess
GetProcAddress
SetHandleCount
VirtualAlloc
HeapDestroy
GetCurrentProcessId
CompareStringA
Sections
.text Size: 137KB - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 274KB - Virtual size: 300KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ