069193c505539721154602f2048dd764_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

069193c505539721154602f2048dd764_JaffaCakes118
Size

244KB
MD5

069193c505539721154602f2048dd764
SHA1

ac22d1d0397aaa8f69c43766ca8051ec0b808be1
SHA256

953133da04c16d3d611584bd9d9af321e5b960b685b19530b017564d9aa7de93
SHA512

008fa5f1dbe4c0eac5ebb39ed308ec23fdd1b028a2a5c8e421ee10bde4ac732cbecd641239061124baa65873ed9307c5e8e44d93eae92b6f1dc695019e4d8683
SSDEEP

6144:rm2c7HxPkwOfk/FtNN3wCCKyT9ATMSuiZMuXlrmEl:S2YdHOM/ZNgz9ADLZnXwEl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
069193c505539721154602f2048dd764_JaffaCakes118

Files

069193c505539721154602f2048dd764_JaffaCakes118
.exe windows:4 windows x86 arch:x86

037bc9ceb177c127aa9cc64e130cda92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
GetTempFileNameA
lstrlenA
lstrcpyA
SetFileAttributesA
Sleep
RemoveDirectoryA
CreateFileA
CopyFileA
GetFileSize
GetEnvironmentVariableA
SetFileTime
CompareFileTime
GetFileAttributesA
GetTickCount
GetDiskFreeSpaceA
GetVersion
CreateThread
CreateProcessA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetWindowsDirectoryA
CreateDirectoryA
GetSystemDirectoryA
MultiByteToWideChar
ExpandEnvironmentStringsA
WaitForSingleObject
GetExitCodeProcess
LoadLibraryA
CloseHandle
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
lstrcmpiA
lstrcpynA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GlobalAlloc
ReadFile
GlobalFree
GetProcAddress
MulDiv
SetFilePointer
FreeLibrary
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
ExitProcess
GetCurrentProcess

user32

EndDialog
SetFocus
EnableWindow
SetWindowPos
ScreenToClient
IsWindowEnabled
GetWindowRect
GetDlgItem
SetClassLongA
GetParent
CharPrevA
GetDlgItemTextA
MapWindowPoints
GetMessagePos
SetWindowTextA
SetWindowLongA
GetWindowLongA
ExitWindowsEx
CallWindowProcA
SetTimer
DialogBoxParamA
SendMessageA
DefWindowProcA
GetClientRect
SetRect
FillRect
GetWindowTextA
DrawTextA
EndPaint
LoadIconA
LoadCursorA
CreateDialogParamA
DestroyWindow
PostQuitMessage
ShowWindow
SetForegroundWindow
MessageBoxA
wsprintfA
FindWindowExA
IsWindow
DispatchMessageA
SetDlgItemTextA
CharNextA
IsWindowVisible
GetSysColor
LoadBitmapA
RegisterClassA
SystemParametersInfoA
GetDesktopWindow
CreateWindowExA
BeginPaint
PeekMessageA

gdi32

SetTextColor
SetBkMode
CreateFontA
CreateSolidBrush
DeleteObject
SetBkColor
GetNearestColor
CreateBrushIndirect
SelectObject

advapi32

RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegEnumValueA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

shell32

SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHFileOperationA
SHBrowseForFolderA

ole32

CoCreateInstance
OleInitialize
OleUninitialize

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ord17
ImageList_Destroy
ImageList_Create
ImageList_SetBkColor
ImageList_Add

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

037bc9ceb177c127aa9cc64e130cda92

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

comctl32

Sections

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 27KB - Virtual size: 121KB

.rsrc Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 27KB - Virtual size: 121KB

.rsrc
Size: 4KB - Virtual size: 3KB