1a7c9138e193234dee24fbc568d97f6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a7c9138e193234dee24fbc568d97f6a_JaffaCakes118
Size

830KB
MD5

1a7c9138e193234dee24fbc568d97f6a
SHA1

b44cab90c2d80a29347776d97d0bfe31c2e5068e
SHA256

bb8346816acc3bd207de3f7232ff978ea139707d9b82e1c6ec74846e43d0e5dc
SHA512

e83745286655ba34a8e0e9ef9f879fc46a110a8a6c43f94e13c1afb31968ef136b08bc1d7662422146731bbd7934a83383ee735cb73aa4a082ffe849814eec85
SSDEEP

12288:MteJ5xwYQFKSIjVo2lbECBbbFzYUbtQRYCfw8FHcJTFVWxSWhUbbvLwNUHPmOuNN:Mte72tFgI0xtQRYC5w6QLHPm5Nb0E02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a7c9138e193234dee24fbc568d97f6a_JaffaCakes118

Files

1a7c9138e193234dee24fbc568d97f6a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

813b2d11dffe7c78ed1203daaaa71cd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
lstrcatA
ExitProcess
GetProcAddress
GetStartupInfoA
GetLastError
GlobalFree
GetModuleFileNameA
SetLastError
TerminateProcess
GetFullPathNameA
lstrlenA
GlobalAlloc
lstrcpyA
lstrcpynA
CloseHandle
AreFileApisANSI
MultiByteToWideChar
GetFileAttributesA
GlobalLock
LocalFree
CreateMutexA
LoadLibraryA
CreateProcessA
OutputDebugStringA
FreeLibrary
InterlockedDecrement
GetModuleHandleA
GetVersion
WideCharToMultiByte
lstrlenW
GlobalUnlock

user32

ReleaseCapture
GetParent
DestroyIcon
LoadMenuA
GetDlgCtrlID
DrawIconEx
SetWindowRgn
SendMessageA
GetLastActivePopup
LoadBitmapA
GetMenuItemInfoA
FillRect
EnableWindow
IsWindowVisible
GetDC
LoadIconA
DrawTextA
LoadImageA
PtInRect
GetMenuItemCount
SetWindowTextA
GetClientRect
PostMessageA
GetWindowDC
GetWindowTextA
SystemParametersInfoA
CopyRect
OffsetRect
SetRect
SetMenuItemInfoA
GetWindowRect
GrayStringA
DefWindowProcA
SetForegroundWindow
SetCapture
InvalidateRect
FindWindowA
IsWindow
EnumChildWindows
ReleaseDC
IsIconic
DeleteMenu
IsZoomed
UpdateWindow
LoadCursorA
ClientToScreen
GetSysColor
TabbedTextOutA
GetSystemMenu
GetSystemMetrics
GetSubMenu
TrackPopupMenu

gdi32

GetPaletteEntries
CreateCompatibleDC
CombineRgn
SetPixel
CreateFontIndirectA
DPtoLP
PtVisible
GetObjectA
SetBkMode
DeleteObject
GetBkColor
Polyline
ExtTextOutA
GetTextColor
CreateHalftonePalette
CreatePen
CreatePalette
SetWindowOrgEx
SelectPalette
RectVisible
PatBlt
GetDeviceCaps
SetRectRgn
CreateCompatibleBitmap
SetTextColor
StretchBlt
BitBlt
Escape
PtInRegion
DeleteDC
CreatePolygonRgn
LPtoDP
TextOutA
RealizePalette
GetMapMode
GetStockObject
GetCurrentObject
CreateSolidBrush
CreateRectRgn
SelectObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetDesktopFolder

ole32

CoTaskMemFree
CLSIDFromProgID
StringFromCLSID
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringLen

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindFileNameA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

_cexit
_strdup
_initterm
_onexit
?terminate@@YAXXZ
__dllonexit
_CxxThrowException
_acmdln
_splitpath
__CxxFrameHandler
__p__fmode
__set_app_type
_controlfp
_mbsicmp
__p__commode
_exit
__setusermatherr
_XcptFilter
free
__getmainargs
_except_handler3
_setmbcp
??1type_info@@UAE@XZ
_vsnprintf
_mbscmp
_adjust_fdiv
exit
fopen
fread
fclose
_c_exit

Sections

.text
Size: 526KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s6
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sx
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.s1
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

813b2d11dffe7c78ed1203daaaa71cd4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

version

msvcrt

Sections

.text Size: 526KB - Virtual size: 526KB

.s6 Size: - Virtual size: 5.4MB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 876B

.sx Size: 5KB - Virtual size: 4KB

.s1 Size: 252KB - Virtual size: 251KB

.tls Size: 512B - Virtual size: 57B

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 526KB - Virtual size: 526KB

.s6
Size: - Virtual size: 5.4MB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 876B

.sx
Size: 5KB - Virtual size: 4KB

.s1
Size: 252KB - Virtual size: 251KB

.tls
Size: 512B - Virtual size: 57B

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 6KB - Virtual size: 5KB