48bc8a4090e7d170a9c6bdd40aac99fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

48bc8a4090e7d170a9c6bdd40aac99fe_JaffaCakes118
Size

189KB
MD5

48bc8a4090e7d170a9c6bdd40aac99fe
SHA1

be6720487c4c9f15d266d0df91d93070c1750771
SHA256

769915386d78713b85e34e8203a80d37b1e828aefae0b86173f110f2938761a5
SHA512

3bf055c9040e70385ed86d273518489d89eb27a0528f75e6a2b84256dcc2cd04708ad73b9fa835b3e01e257b7ac36b9578a37fb660d25696eaae0c39b68387cc
SSDEEP

3072:/G9jyZo/9zgr/A6UdL6Os+dqWyIs+SDmyq/MMYgLWDkwDLci6jhpjW:h89zgK6OAWyt+SmyqkMZekwDLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48bc8a4090e7d170a9c6bdd40aac99fe_JaffaCakes118

Files

48bc8a4090e7d170a9c6bdd40aac99fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69d065bf2fd379bdcf0ccfa4d7b58fc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
OffsetViewportOrgEx
Escape
PtVisible
GetDeviceCaps
GetMapMode
GetTextColor
ExtSelectClipRgn
DeleteDC
SetViewportOrgEx
GetStockObject
RectVisible
ScaleWindowExtEx
TextOutW
GetBkColor
SetWindowExtEx
ExtTextOutW
ScaleViewportExtEx
GetRgnBox

advapi32

RegEnumKeyW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegQueryValueW
RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFileExistsW
PathAppendW

ole32

CoInitialize
CoTaskMemAlloc
CoRegisterMessageFilter
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRetireServer
CoRevokeClassObject
OleInitialize
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoTaskMemFree
CoUninitialize
CoCreateInstance
CLSIDFromString

kernel32

GetCalendarInfoW
WideCharToMultiByte
WriteFile
SystemTimeToFileTime
MultiByteToWideChar
LocalFileTimeToFileTime
InterlockedDecrement
SetFilePointer
RemoveDirectoryW
GetModuleFileNameW
ReadFile
FindFirstFileW
lstrcpyW
GetLocaleInfoW
GetFileAttributesW
MoveFileW
EnumResourceNamesA
GetSystemDefaultLangID
GetCurrentProcessId
FindClose
CreateDirectoryW
ExitProcess
CreateFileW
SetFileTime
GetVersion
DeleteFileW
EnumResourceLanguagesW
FindNextFileW
ConvertDefaultLocale
LoadLibraryW
GetCurrentDirectoryW
GetProcAddress

user32

WinHelpW
IsRectEmpty
RemovePropW
SetRect
CopyAcceleratorTableW
GetClassLongW
CreateWindowExW
RegisterWindowMessageW
MessageBeep
GetPropW
CharUpperW
GetNextDlgTabItem
GetClassInfoExW
SetPropW
InvalidateRgn
SendDlgItemMessageA
GetNextDlgGroupItem
CharNextW
InvalidateRect
DestroyMenu

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69d065bf2fd379bdcf0ccfa4d7b58fc7

Headers

File Characteristics

Imports

gdi32

advapi32

shell32

oleacc

shlwapi

ole32

kernel32

user32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 80KB - Virtual size: 79KB

.edata Size: 1024B - Virtual size: 72KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 80KB - Virtual size: 79KB

.edata
Size: 1024B - Virtual size: 72KB