0e6f2164e5b4ce6d7774a840e9b03780_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e6f2164e5b4ce6d7774a840e9b03780_JaffaCakes118
Size

171KB
MD5

0e6f2164e5b4ce6d7774a840e9b03780
SHA1

38fdb1a78392b8dca752621c09011557fc61e39d
SHA256

ebe9a6c265402eb8972902331b901097abfb963ff75828b757fe2c77924716f2
SHA512

a6cb06b452e735fe631df303953f9e3983426c9f84837358f7909f14c7b8e8e85440c06932aa4655b50aa08808d7a700f545e8524f603dc13ba87276b3f351dd
SSDEEP

3072:vOktIXKTZtWhWLI9ZyQ1wkL9sXsE1Tpxm0/jt0g3EKvsApKLg:vOdKTZtWYLCwQ1wkL9sc+lsY0mEzAk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e6f2164e5b4ce6d7774a840e9b03780_JaffaCakes118

Files

0e6f2164e5b4ce6d7774a840e9b03780_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a770f7f3a6c5ecd91b374d686ac8ff81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
TextOutW
SetWindowExtEx
GetMapMode
SetViewportOrgEx
DeleteDC
OffsetViewportOrgEx
ExtSelectClipRgn
GetTextColor
ExtTextOutW
RectVisible
GetBkColor
ScaleWindowExtEx
GetStockObject
GetDeviceCaps
Escape
ScaleViewportExtEx
PtVisible
GetRgnBox

ole32

OleFlushClipboard
CoInitialize
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromProgID
CreateILockBytesOnHGlobal
OleUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
CoTaskMemFree
CoFreeUnusedLibraries
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
OleInitialize
CoUninitialize
CoTaskMemAlloc
CLSIDFromString

advapi32

RegDeleteKeyW
RegEnumKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegOpenKeyW
RegCloseKey
RegEnumKeyExW
RegQueryValueW
RegQueryInfoKeyW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathIsUNCW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathAppendW

kernel32

SetFilePointer
InterlockedDecrement
CreateFileW
GetCalendarInfoW
EnumResourceLanguagesW
FindFirstFileW
LoadLibraryW
GetFileAttributesW
MultiByteToWideChar
ReadFile
MoveFileW
GetSystemDefaultLangID
GetThreadContext
WriteFile
EnumResourceNamesA
GetModuleFileNameW
SystemTimeToFileTime
GetCurrentDirectoryW
lstrcpyW
LocalFileTimeToFileTime
FindNextFileW
ExitProcess
SetFileTime
DeleteFileW
GetVersion
GetCurrentProcessId
WideCharToMultiByte
RemoveDirectoryW
CreateDirectoryW
ConvertDefaultLocale
GetLocaleInfoW
FindClose
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetClassLongW
RegisterWindowMessageW
CreateWindowExW
WinHelpW
IsRectEmpty
InvalidateRgn
GetPropW
SendDlgItemMessageA
SetRect
InvalidateRect
CharNextW
GetNextDlgGroupItem
CopyAcceleratorTableW
SetPropW
GetNextDlgTabItem
CharUpperW
MessageBeep
RemovePropW
GetClassInfoExW
DestroyMenu

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a770f7f3a6c5ecd91b374d686ac8ff81

Headers

File Characteristics

Imports

gdi32

ole32

advapi32

shell32

shlwapi

kernel32

oleacc

user32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 67KB - Virtual size: 67KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 67KB - Virtual size: 67KB

.edata
Size: 1024B - Virtual size: 96KB