59a26f36611a8cd5d55d81e62e77cb27_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

59a26f36611a8cd5d55d81e62e77cb27_JaffaCakes118
Size

182KB
MD5

59a26f36611a8cd5d55d81e62e77cb27
SHA1

9f28e2374d4f68f4077c634dce69883725e3da95
SHA256

14810b5d44de87d87ef0cc5ff3d27b89ce67d67d91b85b95124e270472dbff6a
SHA512

e457a7e9c5c4b8a0d3f431abe2c75997f2c98758c42cc0c123ffa761b7fcce528788a632887b281b85ac2385e334016aab136b7e072300e5f26a11761210f08a
SSDEEP

3072:jg7Df4l6JrOJtdtOT4q0nmDM5qD5nAICAfxx2YltgDZmPSg4FdiJ2NPI9fh4:jg3G6JyJ1Ot0n7kDxwAfL2stgDLg4eJW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59a26f36611a8cd5d55d81e62e77cb27_JaffaCakes118

Files

59a26f36611a8cd5d55d81e62e77cb27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05aa6a6d1c18dca61fe7c9082045ddff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegEnumKeyW
RegOpenKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW

oledlg

OleUIBusyW

shlwapi

PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathIsUNCW
PathFindFileNameW
PathStripToRootW
PathAppendW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

CreateILockBytesOnHGlobal
CLSIDFromProgID
CoRevokeClassObject
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
OleInitialize
CoGetClassObject
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString

kernel32

FreeLibrary
SystemTimeToFileTime
lstrcmpiA
VirtualFree
GetCalendarInfoA
GetVersion
InterlockedDecrement
ReleaseMutex
SizeofResource
CreateMutexW
ConvertDefaultLocale
InitializeCriticalSection
LoadResource
GetVersionExW
SetThreadContext
ReadFile
MultiByteToWideChar
CreateDirectoryW
LoadLibraryW
GetFileAttributesW
FindNextFileW
GetLocaleInfoW
FindFirstFileW
LockResource
GetACP
GetCurrentProcessId
GetSystemDefaultLangID
EnumResourceLanguagesW
InterlockedExchange
GetCurrentDirectoryW
EnumResourceNamesA
lstrcpyW
SetFilePointer
FindResourceW
GetModuleFileNameW
RemoveDirectoryW
WideCharToMultiByte
FindClose
GetLocaleInfoA
LocalFileTimeToFileTime
ExitProcess
DeleteFileW
GetProcAddress
CreateFileW
GetThreadLocale
GetModuleHandleW
WaitForSingleObject
WriteFile
CloseHandle
RaiseException
SetFileTime
MoveFileW
DeleteCriticalSection
lstrcmpA

user32

WinHelpW
LoadIconW
InvalidateRgn
GetPropW
CallWindowProcW
UpdateWindow
SetForegroundWindow
GetClassInfoW
CharNextW
RemovePropW
MessageBeep
RegisterClassW
GetMenu
SetActiveWindow
IsIconic
IsRectEmpty
GetClassLongW
GetWindowPlacement
GetMessageTime
GetNextDlgGroupItem
CopyAcceleratorTableW
IntersectRect
GetTopWindow
SetPropW
SendDlgItemMessageA
MapWindowPoints
IsWindow
GetForegroundWindow
InvalidateRect
GetClientRect
GetNextDlgTabItem
CharUpperW
IsChild
DefWindowProcW
RegisterWindowMessageW
CreateWindowExW
GetMessagePos
GetClassInfoExW
AdjustWindowRectEx
EqualRect
OffsetRect
SetRect
DestroyMenu

gdi32

SetWindowExtEx
ScaleViewportExtEx
GetObjectW
ExtTextOutW
GetClipBox
GetBkColor
SetViewportExtEx
GetWindowExtEx
GetViewportExtEx
DeleteDC
RestoreDC
RectVisible
SetBkColor
CreateBitmap
SaveDC
TextOutW
ScaleWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetTextColor
PtVisible
ExtSelectClipRgn
DeleteObject
Escape
GetMapMode
GetStockObject
GetRgnBox
SetMapMode
SelectObject
GetTextColor
GetDeviceCaps
CreateRectRgnIndirect

comdlg32

GetFileTitleW

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05aa6a6d1c18dca61fe7c9082045ddff

Headers

File Characteristics

Imports

advapi32

oledlg

shlwapi

winspool.drv

shell32

ole32

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 77KB - Virtual size: 76KB

.edata Size: 1024B - Virtual size: 368KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 77KB - Virtual size: 76KB

.edata
Size: 1024B - Virtual size: 368KB