23047b166e57b195efb111bf9c631593_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23047b166e57b195efb111bf9c631593_JaffaCakes118
Size

172KB
MD5

23047b166e57b195efb111bf9c631593
SHA1

33dec0838b5bfb1054c586a9ece2b0c9ced59692
SHA256

778534d796d8e844f2434c97651faf287cd534040a3613c6d0c0c2ea1aad1d8e
SHA512

93bae4fb9273805ca2c83f6002542b7c6a592620922162771dd0614788c92e11094ecc913cf2c63e42375dc9168b5eac5a8aabe60148ce89a25e2f82d4fb5a0f
SSDEEP

3072:QmBDbYfRueFXEYvSMKFMJR8753epDj4b2VX32msGXjVRVFj:bBDgXFSMK67yof4boX3XLzVTF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23047b166e57b195efb111bf9c631593_JaffaCakes118

Files

23047b166e57b195efb111bf9c631593_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56b0bc6d850a9553378a7af38fd1ee07

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
GetLocaleInfoW
GetCalendarInfoW
FindClose
LocalFileTimeToFileTime
lstrcpyW
GetCurrentProcessId
ConvertDefaultLocale
InterlockedDecrement
ReadFile
GetFileAttributesW
GetThreadContext
GetCurrentDirectoryW
GetModuleFileNameW
EnumResourceNamesA
WideCharToMultiByte
DeleteFileW
SetFileTime
EnumResourceLanguagesW
MultiByteToWideChar
RemoveDirectoryW
GetSystemDefaultLangID
FindFirstFileW
ExitProcess
CreateFileW
FindNextFileW
MoveFileW
SetFilePointer
LoadLibraryW
SystemTimeToFileTime
WriteFile
GetVersion
GetProcAddress

shlwapi

PathFindFileNameW
PathFindExtensionW
PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

SetPropW
WinHelpW
RemovePropW
GetClassLongW
CharUpperW
IsRectEmpty
InvalidateRect
GetNextDlgTabItem
GetNextDlgGroupItem
CopyAcceleratorTableW
SendDlgItemMessageA
CharNextW
RegisterWindowMessageW
SetRect
GetClassInfoExW
MessageBeep
InvalidateRgn
CreateWindowExW
GetPropW
DestroyMenu

advapi32

RegCloseKey
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyW
RegEnumKeyExW
RegQueryValueW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW

gdi32

SetWindowExtEx
Escape
ExtSelectClipRgn
ExtTextOutW
DeleteDC
SelectObject
GetMapMode
PtVisible
ScaleViewportExtEx
SetViewportOrgEx
GetTextColor
GetDeviceCaps
TextOutW
GetBkColor
GetStockObject
RectVisible
ScaleWindowExtEx
OffsetViewportOrgEx
GetRgnBox

ole32

CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
OleInitialize
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromProgID
OleFlushClipboard
CoCreateInstance
CoRegisterMessageFilter
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
OleUninitialize
CoUninitialize
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56b0bc6d850a9553378a7af38fd1ee07

Headers

File Characteristics

Imports

kernel32

shlwapi

shell32

user32

advapi32

gdi32

ole32

oleacc

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 65KB - Virtual size: 65KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 65KB - Virtual size: 65KB

.edata
Size: 1024B - Virtual size: 92KB