09e3e29e85d77fca8a9006dfe68b5b02_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09e3e29e85d77fca8a9006dfe68b5b02_JaffaCakes118
Size

101KB
MD5

09e3e29e85d77fca8a9006dfe68b5b02
SHA1

021a58a0bdc28c26576680ad2157d8f8b6f091c3
SHA256

e8b09476dae18df5fba735972cd6b99c267256cb4e4353973bcc968dd1e0433c
SHA512

31854471164fe29fa5219a364b9027f12497fd5f21d4d40403fe6c0259ca078ec895a68f595e240dcf184426f1e503bc9898b148c80afdd525bd6bad18d12829
SSDEEP

1536:bKC2hHZR+4HLVWaq/ZVDkfV3/Fs2DequDbjyzqXHPnJrDGW:xEHZP0aq/zDk93BDqPwuHND

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e3e29e85d77fca8a9006dfe68b5b02_JaffaCakes118

Files

09e3e29e85d77fca8a9006dfe68b5b02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb05fc0bff559faad72043077d658bfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

atol
RtlDeleteCriticalSection
_wcsnicmp
NtWaitForSingleObject

ole32

OleRun
CoCreateFreeThreadedMarshaler
OleRegGetUserType
CLSIDFromString

advapi32

GetUserNameA
GetLengthSid
RegEnumKeyExA
RegQueryInfoKeyA

user32

EnumThreadWindows
DrawMenuBar
ShowWindow
CreateWindowExA
EnableMenuItem
SetWindowLongA
GetForegroundWindow
GetMenuItemInfoA
EnumChildWindows
GetScrollPos
GetCursorPos
GetMenuStringA
CharNextA
CharLowerA
DispatchMessageA
SetWindowPos
DefWindowProcA
DrawEdge
EndDeferWindowPos
GetDC
GetMessagePos
GetDCEx
GetMenuState
GetClientRect
GetSysColor
EnableWindow
GetScrollRange
GetMenuItemID
IsChild
FillRect
FindWindowA
GetMenu
DrawIcon
GetDesktopWindow
SetTimer
SetWindowTextA
EnableScrollBar
EqualRect
DefFrameProcA
GetDlgItem
HideCaret
IsWindowEnabled
CreateMenu
GetFocus
GetScrollInfo
IsMenu
GetClipboardData
GetCursor
CharLowerBuffA
ClientToScreen
GetKeyNameTextA
GetCapture
GetActiveWindow
GetMenuItemCount
DrawFrameControl
GetParent
GetIconInfo
BeginPaint
EnumWindows
CreateIcon
CharToOemA

msvcrt

memcpy
wcscspn
tolower
wcsncmp
wcschr
malloc
sqrt
calloc
atol
time
srand
memmove

version

VerFindFileA

kernel32

ExitThread
GetCommandLineA
InitializeCriticalSection
LoadLibraryA
SetFilePointer
GetUserDefaultLCID
GetTickCount
CreateEventA
VirtualQuery
MoveFileExA
ResetEvent
VirtualFree
SetHandleCount
SetLastError
lstrcmpiA
LoadLibraryExA
LocalFree
FindClose
DeleteCriticalSection
LocalReAlloc
CloseHandle
GetSystemDefaultLangID
lstrcpyA
VirtualAllocEx
GetACP
GlobalAlloc
FormatMessageA
GlobalAddAtomA
LoadResource
SetEvent
GetCurrentThread
WriteFile
GetModuleFileNameA
WideCharToMultiByte
GetStringTypeW
lstrlenA
GetLocalTime
FindResourceA
ReadFile
ExitProcess
lstrcpynA
GetProcAddress
WaitForSingleObject
GetThreadLocale
GetCurrentProcess
CreateFileA
GetStdHandle
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
EnterCriticalSection
GetEnvironmentStrings
LockResource
MulDiv
RaiseException
FindFirstFileA
DeleteFileA
GetDateFormatA
EnumCalendarInfoA
lstrcatA
GetCPInfo
SetEndOfFile
SizeofResource
SetThreadLocale
CompareStringA
lstrcmpA

oleaut32

RegisterTypeLib
SafeArrayCreate
SafeArrayUnaccessData
GetErrorInfo
SafeArrayGetElement
SysFreeString
SafeArrayPtrOfIndex

shlwapi

PathFileExistsA
SHDeleteValueA
PathGetCharTypeA
SHGetValueA
SHDeleteKeyA
SHSetValueA
SHQueryInfoKeyA
SHQueryValueExA
SHStrDupA

comdlg32

GetFileTitleA
ChooseColorA
FindTextA
GetOpenFileNameA
GetSaveFileNameA

Sections

.2
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

0
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb05fc0bff559faad72043077d658bfb

Headers

File Characteristics

Imports

ntdll

ole32

advapi32

user32

msvcrt

version

kernel32

oleaut32

shlwapi

comdlg32

Sections

.2 Size: 43KB - Virtual size: 42KB

0 Size: 43KB - Virtual size: 42KB

9 Size: 12KB - Virtual size: 11KB

.4 Size: 2KB - Virtual size: 1KB

.2
Size: 43KB - Virtual size: 42KB

0
Size: 43KB - Virtual size: 42KB

9
Size: 12KB - Virtual size: 11KB

.4
Size: 2KB - Virtual size: 1KB