172d835b3fd4c487dcfcb21c4aef5190_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

172d835b3fd4c487dcfcb21c4aef5190_JaffaCakes118
Size

200KB
MD5

172d835b3fd4c487dcfcb21c4aef5190
SHA1

37c2a417e763326bb1dbb13863d6ca64fb86bdc4
SHA256

b5b08bddf7b6c1ad550c7c83d780edca7ff2160147ec8e39bfe174742c89d57f
SHA512

741d168e51287bfd0b3ef9624e20dc51162d5892a907fc0cbb46b07f702dfe134194c7d2b9fe80bc4c13803a330c6b7abb655b848306a38bc843b12a88bf3223
SSDEEP

3072:+mLlTB7BEItpDvUTKq6ldxYcR1Djqi3cmAzzUp+zQ3NPQartnogVSSlIjo/f3z:9LVNBEIHkklUkqFPn2meS0nogVSSz/fD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
172d835b3fd4c487dcfcb21c4aef5190_JaffaCakes118

Files

172d835b3fd4c487dcfcb21c4aef5190_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6a84fdca4c561afbf187fbdee7fef9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shlwapi

PathFileExistsA
SHGetValueA
SHEnumValueA
PathIsDirectoryA

kernel32

VirtualAlloc
SetEndOfFile
RaiseException
SetErrorMode
lstrlenA
VirtualAllocEx
ResetEvent

oleaut32

SysStringLen
SysAllocStringLen
GetErrorInfo
SafeArrayGetUBound
VariantChangeType
SafeArrayPtrOfIndex
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElement
SysReAllocStringLen

version

GetFileVersionInfoA
VerFindFileA

shell32

SHFileOperationA
Shell_NotifyIconA

ole32

CoReleaseMarshalData
CoGetObjectContext
OleRun
CoUninitialize
CoRegisterClassObject
CoUnmarshalInterface
CoTaskMemFree
CoGetMalloc

comctl32

ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Create
ImageList_Draw
ImageList_Read
ImageList_Write
ImageList_Add

gdi32

CreateDIBSection
CreateCompatibleDC
CreatePenIndirect
GetBitmapBits
LineTo
GetBkMode
CreateBrushIndirect

msvcrt

memcpy
memset
wcstol
wcsncmp
wcscspn
srand

comdlg32

ChooseColorA
GetSaveFileNameA
GetFileTitleA

user32

SetForegroundWindow
FillRect
GetMenuState
SetCapture
CharLowerA
ScreenToClient
IsIconic
SystemParametersInfoA
GetParent
ReleaseCapture
EnumChildWindows
DrawIconEx
GetWindowTextA
WaitMessage
DrawEdge
DeleteMenu
CharNextA
GetLastActivePopup
GetWindowDC
DefFrameProcA
DrawIcon
CharNextW
GetSystemMetrics
MoveWindow
DrawAnimatedRects
EnableScrollBar
SendMessageW
GetSysColor
SetClassLongA
CheckMenuItem
GetWindowLongA
GetWindowLongW
ShowOwnedPopups
DefMDIChildProcA
GetDCEx
CharUpperA
EnableWindow
IsWindowUnicode
EndPaint
InvalidateRect
GetClassLongA
GetWindowPlacement
GetMenuStringA
DispatchMessageA
SetTimer
GetMenu
GetKeyboardType
DrawTextA
SetWindowLongA
GetKeyNameTextA
ClientToScreen
DestroyCursor
RedrawWindow
InflateRect
GetPropA
GetSystemMenu
CreateMenu
MapVirtualKeyA
IsWindow
GetClassNameA
EnableMenuItem
PostQuitMessage
TranslateMessage
OpenClipboard
KillTimer
RemoveMenu
OemToCharA
SetScrollPos
InsertMenuA
RegisterClassA
SetActiveWindow
ScrollWindow
GetIconInfo
UpdateWindow
EqualRect
CallNextHookEx
PeekMessageW
CallWindowProcA
MessageBoxA
SetWindowPos
SetPropA
DrawFrameControl
SetWindowLongW
TrackPopupMenu
GetTopWindow
GetKeyboardState
ChildWindowFromPoint
GetForegroundWindow
MessageBeep
GetMenuItemInfoA
SetParent
ShowWindow
GetMenuItemCount
CharToOemA
AdjustWindowRectEx
RegisterWindowMessageA
SetCursor
SetWindowPlacement
PtInRect
SetWindowTextA
SetRect
GetFocus
IsDialogMessageA
SetMenuItemInfoA
IsWindowEnabled
GetSubMenu
GetMessagePos
ReleaseDC
SetClipboardData
GetMenuItemID
GetKeyboardLayoutList
PostMessageA
GetDlgItem
UnregisterClassA
LoadIconA
CharLowerBuffA
IsCharLowerA
DispatchMessageW
EnumWindows
GetCursor
CreateIcon
IsCharUpperA
GetSysColorBrush
SendMessageA
LoadBitmapA
ShowScrollBar
DrawMenuBar
GetWindowTextLengthA
WindowFromPoint
DestroyIcon
FrameRect
LoadKeyboardLayoutA
SetMenu
GetClipboardData
GetKeyboardLayout
IsZoomed
EmptyClipboard
TranslateMDISysAccel
IsRectEmpty
wsprintfA
IsDialogMessageW
DestroyMenu
PeekMessageA
CloseClipboard
EnumThreadWindows
UnhookWindowsHookEx
RegisterClipboardFormatA
GetDesktopWindow
CharUpperBuffA
IntersectRect
BeginPaint
ActivateKeyboardLayout
GetCapture
IsChild
DefWindowProcA
GetClassInfoA
LoadStringA
GetCursorPos
GetWindow
GetActiveWindow
GetKeyboardLayoutNameA
IsWindowVisible
GetScrollPos
DestroyWindow

Exports

Exports

_f

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6a84fdca4c561afbf187fbdee7fef9e

Headers

File Characteristics

Imports

shlwapi

kernel32

oleaut32

version

shell32

ole32

comctl32

gdi32

msvcrt

comdlg32

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 12KB

DATA Size: 161KB - Virtual size: 164KB

.idata Size: 6KB - Virtual size: 116KB

.bss Size: 512B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 8KB - Virtual size: 12KB

DATA
Size: 161KB - Virtual size: 164KB

.idata
Size: 6KB - Virtual size: 116KB

.bss
Size: 512B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 20KB