1c004bf2ce8ed1acae517ce270f0bbe3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c004bf2ce8ed1acae517ce270f0bbe3_JaffaCakes118
Size

174KB
MD5

1c004bf2ce8ed1acae517ce270f0bbe3
SHA1

84fb12308b98af9a6ec416032440a155c2bbbf44
SHA256

360de93708f69bd82cb0d25414d2d58be2b169e8a5435cbab555952fab93e2b5
SHA512

cd4128809e36766cbcda00cd9250cc63348753ee417fbe290f03b53ea416cc2df9ec7368d7820808087dbf81d03975472a38884ada986e18c30108b07af9c873
SSDEEP

3072:6MUN344KutqNQIpi/qjmDIl0fAAVZzDC3UMN+/2yAGWi:6Ma3HqeIpi/qjMIlmrV4/N+OySi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c004bf2ce8ed1acae517ce270f0bbe3_JaffaCakes118

Files

1c004bf2ce8ed1acae517ce270f0bbe3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

093548ea4542279ce1a3965a178d0891

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

OleFlushClipboard
CoTaskMemFree
StgOpenStorageOnILockBytes
CoInitialize
CoRetireServer
CoFreeUnusedLibraries
CoTaskMemAlloc
CoRegisterMessageFilter
OleInitialize
CoUninitialize
CLSIDFromProgID
CoGetClassObject
OleUninitialize
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
CoRevokeClassObject
CLSIDFromString

shlwapi

PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathAppendW

gdi32

SetViewportOrgEx
SelectObject
GetDeviceCaps
GetMapMode
ExtTextOutW
RectVisible
GetStockObject
Escape
ScaleViewportExtEx
ScaleWindowExtEx
DeleteDC
ExtSelectClipRgn
PtVisible
SetWindowExtEx
GetBkColor
TextOutW
OffsetViewportOrgEx
GetTextColor
GetRgnBox

advapi32

RegOpenKeyW
RegOpenKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyW
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW

kernel32

DeleteFileW
EnumResourceLanguagesW
GetSystemDefaultLangID
GetCalendarInfoW
RemoveDirectoryW
FindFirstFileW
GetCurrentDirectoryW
CreateDirectoryW
GetCurrentProcessId
WideCharToMultiByte
ConvertDefaultLocale
LoadLibraryW
lstrcpyW
GetModuleFileNameW
InterlockedDecrement
FindClose
SetFilePointer
GetVersion
CreateFileW
EnumResourceNamesA
LocalFileTimeToFileTime
SystemTimeToFileTime
WriteFile
ExitProcess
MultiByteToWideChar
ReadFile
GetLocaleInfoW
MoveFileW
SetFileTime
GetFileAttributesW
FindNextFileW
GetProcAddress

user32

IsRectEmpty
GetClassInfoExW
SetRect
CharNextW
RegisterWindowMessageW
GetNextDlgTabItem
SendDlgItemMessageA
CharUpperW
WinHelpW
InvalidateRect
SetPropW
CreateWindowExW
CopyAcceleratorTableW
GetClassLongW
GetPropW
MessageBeep
GetNextDlgGroupItem
RemovePropW
InvalidateRgn
DestroyMenu

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

093548ea4542279ce1a3965a178d0891

Headers

File Characteristics

Imports

oleacc

shell32

ole32

shlwapi

gdi32

advapi32

kernel32

user32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 67KB - Virtual size: 67KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 67KB - Virtual size: 67KB

.edata
Size: 1024B - Virtual size: 96KB