1a3c0fb86329b973afd5c69ef84dcc67_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a3c0fb86329b973afd5c69ef84dcc67_JaffaCakes118
Size

178KB
MD5

1a3c0fb86329b973afd5c69ef84dcc67
SHA1

6ea9dbc91bd044d0a640aed039ab6f4c0eb6ff0b
SHA256

40bcf8891865eb2597dfa49e190ae4147e02f08d715ec2d46a185c30b5d4a1e1
SHA512

d1bdb49eb4b8d58a8254677a09f98f38d01206d84d739f0d03afe6039e544c44c5c8aa54d73c0a3512d52d96c17e3916393e3b2a7e99e652b414a3f92d4b7ea2
SSDEEP

3072:jgkm4/6+QXdT6AZcCX2/tWgAwzjSluWmSO6uz5wU7s8lgwG5K5O3+7:jg9TDsx5ZS5D8lg9573+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a3c0fb86329b973afd5c69ef84dcc67_JaffaCakes118

Files

1a3c0fb86329b973afd5c69ef84dcc67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86ec377cec4f945bfd2fdbbae53efb67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW

kernel32

GetCalendarInfoW
CreateFileW
GetCurrentProcessId
GetCurrentDirectoryW
FindNextFileW
SetFileTime
WriteFile
SetFilePointer
LocalFileTimeToFileTime
DeleteFileW
GetFileAttributesW
GetThreadContext
lstrcpyW
ConvertDefaultLocale
GetVersion
ReadFile
GetSystemDefaultLangID
FindClose
EnumResourceNamesA
RemoveDirectoryW
FindFirstFileW
GetModuleFileNameW
GetLocaleInfoW
MoveFileW
ExitProcess
WideCharToMultiByte
InterlockedDecrement
EnumResourceLanguagesW
LoadLibraryW
SystemTimeToFileTime
CreateDirectoryW
MultiByteToWideChar
GetProcAddress

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathFileExistsW
PathStripToRootW
PathFindExtensionW
PathAppendW

user32

GetClassInfoExW
GetNextDlgTabItem
CharUpperW
SetPropW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CreateWindowExW
SendDlgItemMessageA
InvalidateRect
IsRectEmpty
CharNextW
CopyAcceleratorTableW
WinHelpW
RemovePropW
GetPropW
RegisterWindowMessageW
GetClassLongW
MessageBeep
DestroyMenu

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

TextOutW
ExtSelectClipRgn
RectVisible
SetWindowExtEx
ScaleViewportExtEx
SetViewportOrgEx
GetDeviceCaps
ExtTextOutW
Escape
DeleteDC
OffsetViewportOrgEx
GetMapMode
ScaleWindowExtEx
SelectObject
GetStockObject
GetBkColor
GetTextColor
PtVisible
GetRgnBox

ole32

CoRevokeClassObject
CreateILockBytesOnHGlobal
CLSIDFromProgID
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
OleInitialize
OleUninitialize
CoUninitialize
CoGetClassObject
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CoCreateInstance
CoInitialize
CLSIDFromString

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86ec377cec4f945bfd2fdbbae53efb67

Headers

File Characteristics

Imports

advapi32

kernel32

shlwapi

user32

oleacc

shell32

gdi32

ole32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 73KB - Virtual size: 73KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 73KB - Virtual size: 73KB

.edata
Size: 1024B - Virtual size: 244KB