178633f53a3d0c192bb79c7ad9e91b7f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

178633f53a3d0c192bb79c7ad9e91b7f_JaffaCakes118
Size

1.9MB
MD5

178633f53a3d0c192bb79c7ad9e91b7f
SHA1

34bbaf5688ee8db3f5a635a541e1b88cb448a4a2
SHA256

7a9b6cbb8975589e3619f9d08d14aa77a3de56941800a6901e1e1ccc52928ee1
SHA512

3bf73cfc6f185b57d2450de05ec7a9c579196ca4c53f803016a92a231caadbbf3bb941e405eb316f5cb87a9a8b0fad929a8f029eaf4ced4d37714ea90f199071
SSDEEP

49152:CN42ojpzoTkqqkbuuEbclhf8g6PT6VQfknx9SAE5Ug:CN42ojCTP0bc3kD6VQfkbhrg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
178633f53a3d0c192bb79c7ad9e91b7f_JaffaCakes118

Files

178633f53a3d0c192bb79c7ad9e91b7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3e69ba3c6827e3a220a3e42c7fa8ad9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoMarshalInterThreadInterfaceInStream
CreateBindCtx
CreateStreamOnHGlobal
CLSIDFromString

user32

GetParent
RegisterClassA
UnregisterClassA
DialogBoxParamA
DrawTextW
GetMessageA
GetDesktopWindow
CheckDlgButton
GetWindowPlacement
LoadIconA

kernel32

VirtualFree
GetModuleHandleA
GetCurrentProcess
VirtualAlloc
GetVersion
GetLastError
DisableThreadLibraryCalls
GetCommandLineA
GetModuleFileNameA
ExitProcess
GetTickCount
CloseHandle
GetLastError
GetTickCount
VirtualAlloc
SetThreadPriority
GetVersion
GetModuleHandleA
GetCommandLineA
GetACP
VirtualFree
GetModuleFileNameA
GetCurrentProcess
ExitProcess

comdlg32

GetSaveFileNameA
GetSaveFileNameW
ChooseColorA
GetFileTitleW
GetOpenFileNameW
PrintDlgA
GetFileTitleA
GetOpenFileNameA

msvcrt

_except_handler3
_initterm
_XcptFilter
wcsncpy
wcscmp
_vsnwprintf
_cexit
__p__fmode
sprintf
wcscpy
free
_CxxThrowException
calloc
_amsg_exit
free

gdi32

CombineRgn
AngleArc
GetTextExtentPointW
CreatePen
CreatePatternBrush
PlayMetaFile
GetRgnBox
DeleteEnhMetaFile
ExtCreateRegion
PatBlt
CreateBrushIndirect
GetBitmapBits
AngleArc
GetCurrentPositionEx

ntdll

RtlCompareUnicodeString
RtlAppendUnicodeStringToString
NtSetInformationProcess
NtQueryInformationThread
NlsMbCodePageTag
NtSetInformationThread

version

VerQueryValueA
GetFileVersionInfoA

advapi32

RegOpenKeyW
RegOpenKeyExA
RegEnumKeyExW
FreeSid
RegSetValueExW
OpenThreadToken
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExA

Sections

.text
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 879KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 908KB - Virtual size: 908KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3e69ba3c6827e3a220a3e42c7fa8ad9

Headers

File Characteristics

Imports

ole32

user32

kernel32

comdlg32

msvcrt

gdi32

ntdll

version

advapi32

Sections

.text Size: 8KB - Virtual size: 9KB

.data Size: 102KB - Virtual size: 103KB

.edata Size: 879KB - Virtual size: 6.1MB

.edata Size: 908KB - Virtual size: 908KB

.kdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 74KB - Virtual size: 74KB

.text
Size: 8KB - Virtual size: 9KB

.data
Size: 102KB - Virtual size: 103KB

.edata
Size: 879KB - Virtual size: 6.1MB

.edata
Size: 908KB - Virtual size: 908KB

.kdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 74KB - Virtual size: 74KB