160e75b8ae34883a895ae4c30f0b649f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

160e75b8ae34883a895ae4c30f0b649f_JaffaCakes118
Size

277KB
MD5

160e75b8ae34883a895ae4c30f0b649f
SHA1

0c37f154ad59ca88f6e582469c839786d54626d6
SHA256

2fb5ef519e9d36ba26007a40a866f3adb3fc1887c1188d38e2fdbc8d3f97fde4
SHA512

a0621a92930eceed9a530ef22d46b770d60b8c29514642d49656e8cde41d6b13190f3a402402b9d4407740000fda430090ab6e705b2f3542c23e3ecfb8234958
SSDEEP

6144:HJp1uAR8IT2KA+C0L/zmBiPBq0LVZMinZRCnTZk:pp13T2Kj/zseMOMinnCTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
160e75b8ae34883a895ae4c30f0b649f_JaffaCakes118

Files

160e75b8ae34883a895ae4c30f0b649f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc021710f445bec0c5d1eb6c0b022882

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetLastError
SizeofResource
WritePrivateProfileStringW
ResetEvent
GetVersion
GlobalAddAtomW
CreateEventW
GetLogicalDrives
SetWaitableTimer
GlobalDeleteAtom
MulDiv
ReadProcessMemory
Sleep
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
WriteFile
GetPrivateProfileStringW
WaitForSingleObject
CloseHandle
ExitProcess
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
SetEvent
SetEndOfFile
FindResourceW
GetUserDefaultLangID
GetDriveTypeW
LoadLibraryW
GlobalLock
FindFirstChangeNotificationW
GetFileSize
SuspendThread
FindFirstFileW
DuplicateHandle
WaitForMultipleObjects
GetSystemTime
InterlockedDecrement
VirtualAlloc
FileTimeToSystemTime
GetTickCount
VirtualFree
CancelWaitableTimer
GlobalAlloc
CreateThread
GetLocalTime
LockResource
CreateProcessW
ReadFile
ResumeThread
FindNextChangeNotification
MoveFileW
GetModuleFileNameW
FreeResource

user32

GetWindowDC
DrawTextW
DefWindowProcW
TrackPopupMenu
ReleaseDC
UpdateWindow
GetKeyState
PostThreadMessageW
GetWindowRect
IsWindow
GetParent
SetWindowTextW
SetCursor
LoadImageW
GetWindowThreadProcessId
SystemParametersInfoW
GetCursorPos
RegisterWindowMessageW
PostQuitMessage
SetCursorPos
wsprintfW
TranslateMessage
InvalidateRect
GetSysColor
GetSystemMetrics
DestroyIcon
GetClassNameW
AppendMenuW
CreatePopupMenu
VkKeyScanW
RedrawWindow
OffsetRect
LoadStringW
SetWindowPos
DestroyMenu
IsDlgButtonChecked
SetLayeredWindowAttributes
PostMessageW

gdi32

GetObjectW
CreateFontIndirectW
SelectObject
SetDIBits
GetStockObject
StretchBlt
CreatePen
SetTextColor
GetDeviceCaps
CreateRoundRectRgn
LineTo
Rectangle
DeleteDC
CreateICW
GetMapMode
DeleteObject
CreateCompatibleBitmap
GetClipBox
SetMapMode
BitBlt

advapi32

RegDeleteValueW
RegQueryValueExW
LookupAccountSidW
GetUserNameW
StartServiceW
LookupPrivilegeValueW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

ole32

CoUninitialize
CoInitialize

oleaut32

OleLoadPicture
SysFreeString

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc021710f445bec0c5d1eb6c0b022882

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 20KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 20KB