613bfd3b4d7cf21f8f382a13eff039e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

613bfd3b4d7cf21f8f382a13eff039e3_JaffaCakes118
Size

203KB
MD5

613bfd3b4d7cf21f8f382a13eff039e3
SHA1

530014238c389170b30ab2f6751a64dd57146190
SHA256

fc62cf7e23431c4b5b1c704158fddde83b68f22257be3cb54dc359e7e652ca62
SHA512

dd5787cb8f5af7f7504110b583d445f02aa1f557490e9efdabca93ead450a61f83df08759b5af80d527db7c603ec3893a27211129435549ee1fcae9cdfa0029e
SSDEEP

3072:Fpc/Rg6IEDCdKRvzr6FoyesVILs8aUta+OtrYPjkfn0kOKflK9m0FKGX1dtSk2w9:IRgbF4KoZrNVCtrCe0tM7idtYwcAx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
613bfd3b4d7cf21f8f382a13eff039e3_JaffaCakes118

Files

613bfd3b4d7cf21f8f382a13eff039e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6db61868d879f05042bf520f0aeb632

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkColor
ExtTextOutW
GetTextColor
SetWindowExtEx
DeleteDC
ScaleViewportExtEx
ExtSelectClipRgn
GetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
ScaleWindowExtEx
TextOutW
PtVisible
Escape
GetDeviceCaps
SelectObject
GetStockObject
RectVisible
GetRgnBox

shlwapi

PathStripToRootW
PathFileExistsW
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathIsUNCW
PathAppendW

kernel32

MultiByteToWideChar
FindClose
MoveFileW
WideCharToMultiByte
GetCalendarInfoW
RemoveDirectoryW
ReadFile
DeleteFileW
GetCurrentDirectoryW
SystemTimeToFileTime
GetCurrentProcessId
InterlockedDecrement
GetThreadContext
GetLocaleInfoW
FindFirstFileW
SetFilePointer
EnumResourceNamesA
CreateDirectoryW
GetFileAttributesW
GetSystemDefaultLangID
GetModuleFileNameW
ExitProcess
WriteFile
SetFileTime
lstrcpyW
EnumResourceLanguagesW
CreateFileW
LocalFileTimeToFileTime
FindNextFileW
GetVersion
ConvertDefaultLocale
LoadLibraryW
GetProcAddress

advapi32

RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueW
RegDeleteKeyW
RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegEnumKeyW
RegQueryValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

SendDlgItemMessageA
InvalidateRgn
SetPropW
GetNextDlgGroupItem
CharUpperW
WinHelpW
RegisterWindowMessageW
RemovePropW
CopyAcceleratorTableW
MessageBeep
GetNextDlgTabItem
IsRectEmpty
InvalidateRect
GetPropW
SetRect
GetClassInfoExW
CharNextW
GetClassLongW
CreateWindowExW
DestroyMenu

ole32

OleFlushClipboard
CoInitialize
OleInitialize
CoFreeUnusedLibraries
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoTaskMemAlloc
CoUninitialize
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
OleUninitialize
CLSIDFromProgID
CoCreateInstance
CoTaskMemFree
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6db61868d879f05042bf520f0aeb632

Headers

File Characteristics

Imports

gdi32

shlwapi

kernel32

advapi32

oleacc

user32

ole32

shell32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 83KB - Virtual size: 82KB

.edata Size: 1024B - Virtual size: 216KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 83KB - Virtual size: 82KB

.edata
Size: 1024B - Virtual size: 216KB