14f79082bb713baba4b1340f50d01359_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14f79082bb713baba4b1340f50d01359_JaffaCakes118
Size

97KB
MD5

14f79082bb713baba4b1340f50d01359
SHA1

d727998ffcae48234e24d0a1ab79f719b5300efc
SHA256

22f75e5cc98162c360cac12f61e9874a29990b0b68a0ecbba503f782b9d08c27
SHA512

1158e905e2fb4cc230f7d1459edd0aefde3c30bb8defed6d2370dbc596bc82cc823399f4f0490676e8a55558538560fe6212a9481782e1bae57148e49b4a6bc6
SSDEEP

1536:NDL4LA0Iizr/tdr8YuEXIbOhLDNT2r5N+2Zj6FMMHMxbrb07Ir:NDs+2Prruw6OhLDNyd4uMHMhv00r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14f79082bb713baba4b1340f50d01359_JaffaCakes118

Files

14f79082bb713baba4b1340f50d01359_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fdca8f5997fe5e3856f74ef9fd2320a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetBkColor

version

VerQueryValueA

msvcrt

wcsncmp
log10
atol
wcscspn
acos
memcmp
rand

shlwapi

SHQueryInfoKeyA
SHEnumValueA
PathIsDirectoryA
SHDeleteValueA
SHQueryValueExA
SHDeleteKeyA
PathIsContentTypeA
SHStrDupA

user32

GetWindowDC
DefMDIChildProcA
DrawIconEx
SetWindowsHookExA
ClientToScreen
UnhookWindowsHookEx
GetTopWindow
GetClipboardData
InvalidateRect
GetClientRect
DeleteMenu
DestroyMenu
GetWindow
ScrollWindow
FillRect
IsIconic
TranslateMessage
CreateWindowExA
SetClipboardData
GetSystemMenu
WindowFromPoint
IsChild
GetDC
InflateRect
EnableScrollBar
SetWindowLongA
PeekMessageA
GetMessagePos
SetMenuItemInfoA
GetWindowRect
DispatchMessageW
CreatePopupMenu
PtInRect
GetWindowPlacement
GetMenuItemInfoA
SetScrollInfo
GetScrollInfo
DestroyCursor
GetSubMenu
ReleaseDC
CharNextA
GetKeyboardLayoutList
GetClassNameA
GetKeyState
DestroyWindow
SetPropA
CharLowerBuffA
RedrawWindow
UnregisterClassA
DefWindowProcA
SetActiveWindow
MapVirtualKeyA
GetWindowLongA
GetKeyboardState
PostQuitMessage
SetScrollRange
RegisterClipboardFormatA
MoveWindow
SetWindowPlacement
EnableMenuItem
SetRect
EnumThreadWindows
MessageBeep
ShowScrollBar
LoadIconA
SetFocus
GetCursor
GetWindowThreadProcessId
GetKeyboardLayoutNameA
SetWindowPos
SetTimer
PostMessageA
OpenClipboard
DrawFrameControl
GetMenuItemID
EqualRect
GetActiveWindow
ReleaseCapture
CharLowerA
GetWindowTextA
EndPaint
GetFocus
CharNextW
IsDialogMessageW
GetParent
ChildWindowFromPoint
TrackPopupMenu
RemoveMenu
GetSysColorBrush
GetCapture
CheckMenuItem
GetDesktopWindow
GetScrollPos
GetSystemMetrics
GetLastActivePopup
MsgWaitForMultipleObjects
EnumChildWindows
GetCursorPos
GetMenuState
KillTimer
LoadKeyboardLayoutA
RegisterClassA
LoadBitmapA
MessageBoxA
ShowOwnedPopups
DispatchMessageA
ShowWindow
IsDialogMessageA
ScreenToClient
DrawEdge
SetScrollPos
SetCursor
GetSysColor
OffsetRect
CharUpperBuffA
SetMenu
SendMessageW
RegisterWindowMessageA
GetClassLongA
SetClassLongA
FrameRect
InsertMenuItemA
GetKeyboardLayout
CloseClipboard
CallWindowProcA
GetDCEx
DefFrameProcA
CreateIcon
LoadStringA
TranslateMDISysAccel
GetMenuStringA
GetMenuItemCount
GetScrollRange
IsWindow
CharToOemA
DestroyIcon
LoadCursorA
IsZoomed
SendMessageA
DrawIcon
GetMenu
RemovePropA
EnableWindow
IntersectRect
UpdateWindow
IsWindowVisible
SetParent
CallNextHookEx
IsWindowUnicode

advapi32

RegEnumKeyA
RegEnumValueA
RegLoadKeyA
GetLengthSid

kernel32

GetModuleHandleW
ExitProcess
GetProcAddress
LocalAlloc
VirtualAllocEx
LoadLibraryA
IsBadReadPtr
ExitThread
GetCommandLineA
GetModuleHandleA
GetCommandLineW

oleaut32

SafeArrayUnaccessData
SysAllocStringLen
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayCreate
SysFreeString
SysStringLen
VariantChangeType
RegisterTypeLib

gdi32

CreatePalette
CreatePenIndirect
GetDIBColorTable
SetPixel
GetBitmapBits
CreateFontIndirectA
SelectPalette
CreateDIBitmap
GetCurrentPositionEx
CreateBitmap

ole32

WriteClassStm
ReleaseStgMedium
CoCreateInstanceEx

shell32

SHGetFolderPathA
SHFileOperationA

Sections

CODE
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 773B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc8
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc9
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fdca8f5997fe5e3856f74ef9fd2320a

Headers

File Characteristics

Imports

comctl32

version

msvcrt

shlwapi

user32

advapi32

kernel32

oleaut32

gdi32

ole32

shell32

Sections

CODE Size: 70KB - Virtual size: 69KB

DATA Size: 1024B - Virtual size: 773B

.rsrc4 Size: 1KB - Virtual size: 1KB

.rsrc8 Size: 1024B - Virtual size: 672B

.rsrc1 Size: 6KB - Virtual size: 6KB

.rsrc2 Size: 1KB - Virtual size: 1KB

.rsrc9 Size: 282KB - Virtual size: 282KB

.rsrc Size: 1024B - Virtual size: 976B

CODE
Size: 70KB - Virtual size: 69KB

DATA
Size: 1024B - Virtual size: 773B

.rsrc4
Size: 1KB - Virtual size: 1KB

.rsrc8
Size: 1024B - Virtual size: 672B

.rsrc1
Size: 6KB - Virtual size: 6KB

.rsrc2
Size: 1KB - Virtual size: 1KB

.rsrc9
Size: 282KB - Virtual size: 282KB

.rsrc
Size: 1024B - Virtual size: 976B