173be021b5f17742522c889d57f77688_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

173be021b5f17742522c889d57f77688_JaffaCakes118
Size

192KB
MD5

173be021b5f17742522c889d57f77688
SHA1

6b7e55ee140adfc4b772778fcadc7e8b2cb33bc3
SHA256

08ed498c6e82d23090a0215ead9348e8d10e43ca67e575fa37f7c10b50f16f04
SHA512

2fefb2d43422759eb25d359c38266d509ed2180be236f3530369671bdd80158f375e7c44607663a1e798c93b7d34e214f512020a1acf636a30b6c66fb226cfa1
SSDEEP

3072:KwG30RnjXOxNUVBXP2FW6zDRWVj4FTkrs+STJ8+c6TDhhpqewhf/ZHA6OuX2cApK:AERy0XP2FWMde4mrCT/cWp0rX2Hp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
173be021b5f17742522c889d57f77688_JaffaCakes118

Files

173be021b5f17742522c889d57f77688_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8ed87e0627af8483cb8c0becceeaf73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetCPInfo
FindResourceA
HeapAlloc
LoadResource
ExitProcess
SetLastError
GetCommandLineA
GetStartupInfoA
GetVersionExA
Sleep
LocalFree
LoadLibraryA
IsBadReadPtr
GetDateFormatA
VirtualAllocEx
FindClose
MoveFileA
GlobalDeleteAtom
GetSystemDefaultLangID
CreateThread
GetACP
LockResource
GetModuleHandleA
GetCommandLineW
WideCharToMultiByte
GetProcAddress
lstrlenA
LoadLibraryExA
ExitThread
GetStringTypeW
VirtualQuery

user32

CharToOemA
GetScrollPos
SetWindowPlacement
ReleaseDC
SetRect
DrawEdge
GetMenuStringA
MoveWindow
EndPaint
IsWindow
SetScrollRange
GetSysColorBrush
GetSysColor
DispatchMessageW
InsertMenuA
ShowScrollBar
DrawIcon
ClientToScreen
SetWindowLongA
EnumThreadWindows
SetCursor
DefWindowProcA
GetWindowRect
GetKeyboardLayoutList
GetMenuItemInfoA
WindowFromPoint
RemovePropA
GetWindowThreadProcessId
DefFrameProcA
GetWindowLongW
EnableMenuItem
RemoveMenu
SetTimer
IsWindowUnicode
GetIconInfo
RegisterClipboardFormatA
MsgWaitForMultipleObjects
ShowWindow
LoadKeyboardLayoutA
GetClassLongA
BeginPaint
TranslateMDISysAccel
IntersectRect
LoadIconA
EnableScrollBar
GetWindowPlacement
SendMessageA
RegisterClassA
MapWindowPoints
GetScrollInfo
InflateRect
PeekMessageW
GetScrollRange
MessageBeep
RegisterWindowMessageA
ScreenToClient
GetForegroundWindow
GetKeyboardType
UnhookWindowsHookEx
SetMenu
GetWindowTextA
wsprintfA
SetClassLongA
SetWindowsHookExA
ActivateKeyboardLayout
ScrollWindow
DrawFrameControl
PostMessageA
SystemParametersInfoA
GetPropA
IsZoomed
TranslateMessage
DrawMenuBar
SetScrollPos
GetLastActivePopup
OpenClipboard
DrawAnimatedRects
PeekMessageA
GetParent
PtInRect
IsWindowVisible
UnregisterClassA
MessageBoxA
GetMenuState
CheckMenuItem
DrawTextA
RedrawWindow
GetMenu
SetWindowLongW
InsertMenuItemA
UpdateWindow
GetClassInfoA
CloseClipboard
ChildWindowFromPoint
DestroyIcon
CreatePopupMenu
EnumChildWindows
GetDC
SetWindowPos
GetMenuItemCount
WaitMessage
IsDialogMessageW
InvalidateRect
DestroyMenu
SendMessageW
SetScrollInfo
DeleteMenu
FindWindowA
TrackPopupMenu
CharNextW
GetMenuItemID
DefMDIChildProcA
FrameRect
PostQuitMessage
CallWindowProcA
CharUpperBuffA
LoadCursorA
GetClientRect
GetKeyboardLayout
SetParent
GetSubMenu
SetPropA
GetWindowLongA
GetCursor
MapVirtualKeyA
IsChild
ShowOwnedPopups
LoadBitmapA
GetSystemMenu
EnableWindow
SetClipboardData
GetWindowDC
EqualRect
CreateWindowExA
GetDesktopWindow
CallNextHookEx
GetDlgItem
CreateIcon
SetFocus
SetWindowTextA
GetKeyState
GetSystemMetrics
GetFocus
GetKeyNameTextA
OffsetRect
GetDCEx
CharNextA
KillTimer
GetMessagePos
SetForegroundWindow
IsWindowEnabled
GetClassNameA
IsDialogMessageA
DestroyCursor
CreateMenu
DestroyWindow
IsIconic
GetKeyboardLayoutNameA
CharLowerA
EmptyClipboard
SetCapture
GetKeyboardState
GetClipboardData
SetActiveWindow
GetCursorPos
DispatchMessageA
CharLowerBuffA
GetCapture
SetMenuItemInfoA
IsRectEmpty
DrawIconEx
FillRect

comdlg32

FindTextA
GetFileTitleA
GetSaveFileNameA

gdi32

GetDIBits
BitBlt
SetTextColor
GetClipBox
SetBkColor
GetRgnBox
GetCurrentPositionEx
CreateBrushIndirect
SetBkMode

oleaut32

SysAllocStringLen

Sections

CODE
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc9
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc5
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc2
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc8
Size: 1024B - Virtual size: 893B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8ed87e0627af8483cb8c0becceeaf73

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

gdi32

oleaut32

Sections

CODE Size: 52KB - Virtual size: 52KB

.data Size: 125KB - Virtual size: 161KB

.rsrc1 Size: 2KB - Virtual size: 1KB

.rsrc9 Size: 1KB - Virtual size: 1KB

.rsrc5 Size: 512B - Virtual size: 74B

.rsrc2 Size: 7KB - Virtual size: 6KB

.rsrc8 Size: 1024B - Virtual size: 893B

.rsrc Size: 1024B - Virtual size: 992B

CODE
Size: 52KB - Virtual size: 52KB

.data
Size: 125KB - Virtual size: 161KB

.rsrc1
Size: 2KB - Virtual size: 1KB

.rsrc9
Size: 1KB - Virtual size: 1KB

.rsrc5
Size: 512B - Virtual size: 74B

.rsrc2
Size: 7KB - Virtual size: 6KB

.rsrc8
Size: 1024B - Virtual size: 893B

.rsrc
Size: 1024B - Virtual size: 992B