43599cf3d7781c7864aea35b6806ae3c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43599cf3d7781c7864aea35b6806ae3c_JaffaCakes118
Size

186KB
MD5

43599cf3d7781c7864aea35b6806ae3c
SHA1

14d6cf09497546b7366986e3fe7cbe3eb300ec3d
SHA256

cbd90a3cea47c34e28b2b27dace3ab63a25a1c61bee1c148cf8dec0cbadb5cbb
SHA512

73152bbc03f03367902b1185eaefc1b5fdd8b3d3813588d19ae89d6c75c694240c4a091c5a34f2b43fcf4b133e84c31f04a5ea809b6be3e9d81614a5767f5e57
SSDEEP

3072:hQQEFnqHZbXzNRTdA4WWxmnPAD0EDpckH3qjstD9AGy3Le4HaoPysZm1I3:hCQZvNRTGZGt+kH3qjsny7FTPg0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43599cf3d7781c7864aea35b6806ae3c_JaffaCakes118

Files

43599cf3d7781c7864aea35b6806ae3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97324c29be94e852dc9bbbc90f01013a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
StgCreateDocfileOnILockBytes
OleUninitialize
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoInitialize
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoRevokeClassObject
CoTaskMemAlloc
CoGetClassObject
OleFlushClipboard
CoUninitialize
OleInitialize
CoCreateInstance
StgOpenStorageOnILockBytes
CLSIDFromString

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

user32

GetClientRect
SetForegroundWindow
CreateWindowExW
IsIconic
GetClassLongW
AdjustWindowRectEx
GetTopWindow
GetClassInfoW
SendDlgItemMessageA
GetMenu
RegisterWindowMessageW
GetClassInfoExW
WinHelpW
InvalidateRgn
GetPropW
IsChild
CallWindowProcW
OffsetRect
CopyAcceleratorTableW
DefWindowProcW
IsWindow
GetNextDlgGroupItem
GetNextDlgTabItem
GetWindowPlacement
GetForegroundWindow
MessageBeep
RegisterClassW
RemovePropW
IntersectRect
LoadIconW
CharNextW
GetMessagePos
InvalidateRect
MapWindowPoints
GetMessageTime
IsRectEmpty
SetPropW
EqualRect
CharUpperW
UpdateWindow
SetActiveWindow
SetRect
DestroyMenu

comdlg32

GetFileTitleW

gdi32

SetViewportOrgEx
GetBkColor
SaveDC
GetTextColor
RestoreDC
GetStockObject
TextOutW
OffsetViewportOrgEx
SetWindowExtEx
DeleteDC
SetMapMode
CreateBitmap
SetBkColor
SetTextColor
GetObjectW
PtVisible
GetDeviceCaps
Escape
SetViewportExtEx
ExtTextOutW
ExtSelectClipRgn
RectVisible
ScaleViewportExtEx
GetClipBox
GetViewportExtEx
GetRgnBox
GetMapMode
SelectObject
ScaleWindowExtEx
DeleteObject
GetWindowExtEx
CreateRectRgnIndirect

oledlg

OleUIBusyW

advapi32

RegDeleteKeyW
RegQueryValueW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegEnumKeyW
RegCreateKeyExW
RegOpenKeyW
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathAppendW

kernel32

GetCalendarInfoW
VirtualFree
GetFileAttributesW
RaiseException
MoveFileW
InterlockedDecrement
CloseHandle
InterlockedExchange
SystemTimeToFileTime
SizeofResource
GetCurrentDirectoryW
GetACP
InitializeCriticalSection
FindClose
GetThreadContext
GetVersion
GetCurrentProcessId
LockResource
GetLocaleInfoA
ReleaseMutex
lstrcmpiA
SetFileTime
WideCharToMultiByte
GetProcAddress
MultiByteToWideChar
EnumResourceNamesA
DeleteFileW
ConvertDefaultLocale
LocalFileTimeToFileTime
CreateMutexW
FindNextFileW
LoadResource
SetFilePointer
ReadFile
GetThreadLocale
GetVersionExW
ExitProcess
EnumResourceLanguagesW
RemoveDirectoryW
GetModuleHandleW
LoadLibraryW
CreateFileW
WriteFile
WaitForSingleObject
GetLocaleInfoW
DeleteCriticalSection
GetModuleFileNameW
CreateDirectoryW
GetSystemDefaultLangID
lstrcpyW
FindResourceW
FreeLibrary
FindFirstFileW
lstrcmpA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97324c29be94e852dc9bbbc90f01013a

Headers

File Characteristics

Imports

ole32

winspool.drv

user32

comdlg32

gdi32

oledlg

advapi32

shell32

shlwapi

kernel32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 78KB - Virtual size: 77KB

.edata Size: 1024B - Virtual size: 236KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 78KB - Virtual size: 77KB

.edata
Size: 1024B - Virtual size: 236KB