3aa4c1855506aa3a1139844137105dc1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3aa4c1855506aa3a1139844137105dc1_JaffaCakes118
Size

190KB
MD5

3aa4c1855506aa3a1139844137105dc1
SHA1

1ab3ede3023dbef0d7a88b9690837d2ea93dbe93
SHA256

c627ac6b3c020e4042147cd7dc8632eda861829fb297aba80203394f7cad87d0
SHA512

67fa7d51131908b9f18b6fb9e7d06bace97a97bd81c07b9f3ae93e32f8286135052a3f56d2a5e108aafcd20b268f94b4a5c4d1dfbed1498c52d06fd74528397d
SSDEEP

3072:B1JgMn3D/ydA2KUako+VQuwzL++2lfGVP1Rn6udJoAtYJfK7sA3:B1JL3gvvorRL++2K9Rn6MiJfK7x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aa4c1855506aa3a1139844137105dc1_JaffaCakes118

Files

3aa4c1855506aa3a1139844137105dc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0aecd30f42ee2e6c15187b90ee07601

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBeep
WinHelpW
SetRect
GetNextDlgTabItem
InvalidateRgn
RemovePropW
GetClassLongW
RegisterWindowMessageW
CharUpperW
SetPropW
InvalidateRect
GetPropW
CharNextW
IsRectEmpty
CopyAcceleratorTableW
GetClassInfoExW
SendDlgItemMessageA
CreateWindowExW
GetNextDlgGroupItem
DestroyMenu

shlwapi

PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathAppendW

gdi32

RectVisible
GetTextColor
TextOutW
GetMapMode
GetDeviceCaps
Escape
GetBkColor
PtVisible
GetStockObject
ScaleViewportExtEx
ExtSelectClipRgn
ExtTextOutW
SelectObject
SetWindowExtEx
DeleteDC
OffsetViewportOrgEx
ScaleWindowExtEx
SetViewportOrgEx
GetRgnBox

advapi32

RegSetValueExW
RegQueryValueW
RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW

ole32

StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoRetireServer
CoGetClassObject
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoInitialize
OleFlushClipboard
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString

kernel32

GetModuleFileNameW
SetFilePointer
GetCurrentProcessId
GetCalendarInfoW
MoveFileW
FindNextFileW
GetFileAttributesW
FindClose
SystemTimeToFileTime
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
ReadFile
ConvertDefaultLocale
LocalFileTimeToFileTime
EnumResourceNamesA
EnumResourceLanguagesW
SetFileTime
LoadLibraryW
CreateFileW
GetCurrentDirectoryW
GetSystemDefaultLangID
ExitProcess
InterlockedDecrement
GetVersion
lstrcpyW
RemoveDirectoryW
CreateDirectoryW
WriteFile
GetLocaleInfoW
FindFirstFileW
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0aecd30f42ee2e6c15187b90ee07601

Headers

File Characteristics

Imports

user32

shlwapi

gdi32

advapi32

ole32

kernel32

oleacc

shell32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 80KB - Virtual size: 80KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 80KB - Virtual size: 80KB

.edata
Size: 1024B - Virtual size: 116KB