4270b72593e13942ed31f70b6c14282c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4270b72593e13942ed31f70b6c14282c_JaffaCakes118
Size

179KB
MD5

4270b72593e13942ed31f70b6c14282c
SHA1

14569ad4856f2d447375f22427231d03da43f6fb
SHA256

5a41ae636fd13996bdc7ac79d2d6132945fbb3545841da7ab7320128c4a98e84
SHA512

516de69885a8b74d362ce084d72dd838ceecb895ef5adc7138c247175d719b418ffccdf10de4e21153ae05612acd6dbae8e2ba166bb026c5c911368ea4aa45df
SSDEEP

3072:iXOaUgx/b+gUOvyY16LgjqiIHAliiVnavHB50/BUT/EqtcT58CMxT1YyJx:iX+42TLgjFqDi+HvO2/E0KKxhd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4270b72593e13942ed31f70b6c14282c_JaffaCakes118

Files

4270b72593e13942ed31f70b6c14282c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

289af57601201b0e15d6bfeb975e875a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW

gdi32

GetMapMode
TextOutW
OffsetViewportOrgEx
ScaleWindowExtEx
SetViewportOrgEx
GetStockObject
ExtTextOutW
SelectObject
ScaleViewportExtEx
SetWindowExtEx
PtVisible
Escape
GetBkColor
RectVisible
GetDeviceCaps
GetTextColor
ExtSelectClipRgn
DeleteDC
GetRgnBox

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoTaskMemFree
OleUninitialize
CoCreateInstance
CoFreeUnusedLibraries
CoRetireServer
CLSIDFromProgID
OleIsCurrentClipboard
CoUninitialize
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
CoInitialize
CoRevokeClassObject
CoGetClassObject
StgCreateDocfileOnILockBytes
OleInitialize
CLSIDFromString

user32

GetClassLongW
SendDlgItemMessageA
InvalidateRgn
CreateWindowExW
CharNextW
CharUpperW
RemovePropW
RegisterWindowMessageW
WinHelpW
GetClassInfoExW
GetPropW
CopyAcceleratorTableW
GetNextDlgGroupItem
SetPropW
IsRectEmpty
SetRect
InvalidateRect
GetNextDlgTabItem
MessageBeep
DestroyMenu

shlwapi

PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
PathFileExistsW
PathIsUNCW
PathFindFileNameW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

GetCalendarInfoW
GetLocaleInfoW
FindFirstFileW
InterlockedDecrement
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
MoveFileW
GetVersion
RemoveDirectoryW
CreateFileW
LoadLibraryW
FindNextFileW
DeleteFileW
SetFilePointer
LocalFileTimeToFileTime
lstrcpyW
EnumResourceNamesA
ReadFile
EnumResourceLanguagesW
ConvertDefaultLocale
ExitProcess
GetCurrentProcessId
WriteFile
FindClose
GetModuleFileNameW
SystemTimeToFileTime
GetSystemDefaultLangID
SetFileTime
GetCurrentDirectoryW
CreateDirectoryW
GetProcAddress

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

289af57601201b0e15d6bfeb975e875a

Headers

File Characteristics

Imports

advapi32

gdi32

oleacc

ole32

user32

shlwapi

shell32

kernel32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 248KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 248KB