306ee1a3045ff43f46cbe248ccc310de_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

306ee1a3045ff43f46cbe248ccc310de_JaffaCakes118
Size

171KB
MD5

306ee1a3045ff43f46cbe248ccc310de
SHA1

682f588f97abf10dbba1ec48da0356a19a04dd0e
SHA256

da3b800246a8ac503adc097db2843b8745b024ec4dd62310231e6a9186c063d3
SHA512

3c5f3baf7e1d335267b0c945c9e50ea96612e5f047eb921d3612f82f0b9bcd8c2ec1cfc99cd0571a022342925de5dd3174835a2a75ff849b2130579b50f4474b
SSDEEP

3072:ucy1hWYUHY3gCv2RsRrQsaL+WpO3fGOkrR4yMsv1cMXynDtGHQPkS:uctC7prQsaL+WpYOOkrR4yztcQaDtG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
306ee1a3045ff43f46cbe248ccc310de_JaffaCakes118

Files

306ee1a3045ff43f46cbe248ccc310de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29145695a6359aeba884f7ee59088302

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

SetPropW
CharUpperW
CreateWindowExW
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRect
SendDlgItemMessageA
MessageBeep
InvalidateRgn
GetClassInfoExW
RegisterWindowMessageW
CharNextW
WinHelpW
CopyAcceleratorTableW
GetClassLongW
GetPropW
IsRectEmpty
SetRect
RemovePropW
DestroyMenu

shlwapi

PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
PathAppendW

kernel32

GetCalendarInfoW
lstrcpyW
ConvertDefaultLocale
GetSystemDefaultLangID
GetCurrentProcessId
SetFileTime
WriteFile
RemoveDirectoryW
GetModuleFileNameW
LocalFileTimeToFileTime
GetLocaleInfoW
InterlockedDecrement
CreateFileW
SystemTimeToFileTime
FindClose
EnumResourceNamesA
ReadFile
DeleteFileW
LoadLibraryW
CreateDirectoryW
FindNextFileW
SetFilePointer
GetCurrentDirectoryW
ExitProcess
GetVersion
MoveFileW
EnumResourceLanguagesW
MultiByteToWideChar
FindFirstFileW
GetFileAttributesW
WideCharToMultiByte
GetProcAddress

ole32

StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoGetClassObject
OleUninitialize
CoRetireServer
CoCreateInstance
CoTaskMemFree
OleInitialize
CreateILockBytesOnHGlobal
CoInitialize
OleIsCurrentClipboard
CoUninitialize
OleFlushClipboard
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoRevokeClassObject
CLSIDFromProgID
CLSIDFromString

advapi32

RegOpenKeyW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyW
RegQueryValueExW

gdi32

SetWindowExtEx
GetStockObject
SelectObject
RectVisible
ScaleViewportExtEx
GetBkColor
ExtSelectClipRgn
GetTextColor
TextOutW
ScaleWindowExtEx
SetViewportOrgEx
GetDeviceCaps
GetMapMode
Escape
DeleteDC
ExtTextOutW
PtVisible
OffsetViewportOrgEx
GetRgnBox

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29145695a6359aeba884f7ee59088302

Headers

File Characteristics

Imports

shell32

user32

shlwapi

kernel32

ole32

advapi32

gdi32

oleacc

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 69KB - Virtual size: 68KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 69KB - Virtual size: 68KB

.edata
Size: 1024B - Virtual size: 92KB