147caa0314fce636d553576307fa29d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

147caa0314fce636d553576307fa29d6_JaffaCakes118
Size

225KB
MD5

147caa0314fce636d553576307fa29d6
SHA1

a1984ee7f74270defeb985d53dc6f4210b3c2527
SHA256

6f0fac34ab9c14c4717d2a1ca798ca8eb4b82b493679691247b1ea6bed25fb17
SHA512

ed993e0c00a41e335109526163df59b3ae79ab4ec154e482f3edbd8014b600cb53f3971a496c84c96dc78d4cfb56a148b695dc877da98ff9c26ce5bbe18ad80b
SSDEEP

6144:ocTcDNR1jD1rXcnAMZ8yYGim6IY5Z/G9D5WmHsO:5TWE8yl1YfG1Ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
147caa0314fce636d553576307fa29d6_JaffaCakes118

Files

147caa0314fce636d553576307fa29d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

063678a973a0a52a0dcd875a927841ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetLogicalDriveStringsA
IsDebuggerPresent
lstrcmp
MulDiv
CompareFileTime
MoveFileA
GetNumberFormatA
OpenEventA
IsBadWritePtr
LoadLibraryA
QueryPerformanceCounter
GlobalGetAtomNameW
GetHandleInformation
QueryPerformanceFrequency
GetVersion
GetTempFileNameW
FileTimeToLocalFileTime
lstrcmpW
FindResourceA
GetComputerNameA
FreeLibrary
GetVolumeInformationW
BeginUpdateResourceW
GlobalAlloc
Sleep
GetVersionExW
lstrcmpiW
CopyFileExW
CreateEventW
GetUserDefaultLCID
LocalFree
GetLongPathNameW
CreatePipe
DisconnectNamedPipe
ConnectNamedPipe
GetWindowsDirectoryW
GetStringTypeA
SetComputerNameW
lstrcmpi
IsBadCodePtr
GetCurrentProcessId
SetCurrentDirectoryA
GetProcAddress
AddAtomW
GetFileTime
ExitThread
GetDiskFreeSpaceW
lstrcmpiA

user32

GetForegroundWindow
AppendMenuW
MessageBoxIndirectW
DialogBoxIndirectParamW
CharPrevW
CreateDialogParamW
CheckRadioButton
CheckMenuRadioItem
EndMenu
CharLowerW
CreateDesktopW
GetWindowRect
EnumChildWindows
RegisterClassExA
CharUpperA
IsIconic
MoveWindow
SetWindowPos
CreateCaret

gdi32

CreateColorSpaceW
ResizePalette
SelectClipPath
EndFormPage
GetLogColorSpaceA
CreateRectRgn
StretchDIBits
CloseMetaFile
GetPaletteEntries
GetPixel
GetCharWidthI
CreateDCW
DeleteEnhMetaFile
ExtTextOutW

advapi32

RegReplaceKeyA
RegRestoreKeyA
RegFlushKey
RegOpenKeyA
RegCloseKey

shlwapi

PathIsDirectoryA
wnsprintfW
PathRemoveExtensionW
AssocCreate
PathBuildRootW
UrlGetPartA
SHGetThreadRef
PathIsRootW
AssocQueryKeyA

oleaut32

VarDecFromUI8

urlmon

URLOpenBlockingStreamA
GetComponentIDFromCLSSPEC
MkParseDisplayNameEx
DllRegisterServerEx
DllUnregisterServer
CreateURLMoniker
URLOpenBlockingStreamW
SetSoftwareUpdateAdvertisementState
HlinkNavigateString
PrivateCoInstall
CoInternetCompareUrl
CopyBindInfo
URLDownloadA
CoGetClassObjectFromURL
CreateFormatEnumerator
DllRegisterServer
URLDownloadToFileW
AsyncGetClassBits
URLDownloadW
Extract

winmm

waveInOpen
sndPlaySoundW
mixerGetDevCapsA
mmioStringToFOURCCA
midiOutGetErrorTextA
joy32Message
midiInAddBuffer
GetDriverModuleHandle
WOWAppExit
midiOutCachePatches

Sections

.KAYd
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Tz
Size: 3KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.O
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VS
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.G
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IPu
Size: 4KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.epz
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OlsZXZ
Size: 4KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

063678a973a0a52a0dcd875a927841ee

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

oleaut32

urlmon

winmm

Sections

.KAYd Size: 9KB - Virtual size: 9KB

.Tz Size: 3KB - Virtual size: 420KB

.O Size: 85KB - Virtual size: 84KB

.VS Size: 14KB - Virtual size: 14KB

.G Size: 1024B - Virtual size: 40KB

.IPu Size: 4KB - Virtual size: 26KB

.epz Size: 85KB - Virtual size: 85KB

.data Size: 9KB - Virtual size: 112KB

.OlsZXZ Size: 4KB - Virtual size: 187KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.KAYd
Size: 9KB - Virtual size: 9KB

.Tz
Size: 3KB - Virtual size: 420KB

.O
Size: 85KB - Virtual size: 84KB

.VS
Size: 14KB - Virtual size: 14KB

.G
Size: 1024B - Virtual size: 40KB

.IPu
Size: 4KB - Virtual size: 26KB

.epz
Size: 85KB - Virtual size: 85KB

.data
Size: 9KB - Virtual size: 112KB

.OlsZXZ
Size: 4KB - Virtual size: 187KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B