63e5fce3b6a80662847c69d814244972_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63e5fce3b6a80662847c69d814244972_JaffaCakes118
Size

151KB
MD5

63e5fce3b6a80662847c69d814244972
SHA1

be03804c478a83ef132d5248989f0532c0a91d92
SHA256

26d30fb22704bf4a14b457ce439a8f74fd6135ce3ef7044f586129e7963cf54a
SHA512

e212129ddb122c3f5cb7433a1c169c9abf67d2fcb674148840e26909ae58928d949a6c9bbc746d472563bf837ccf7a79d04f28d89b771a92af371729ea536858
SSDEEP

3072:uiNrkNh1En07Qs+h9LWo2SnAtJRfEiNCVOvaYNjytO5:uakNeaQpLr2SCJRXiYNjytk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63e5fce3b6a80662847c69d814244972_JaffaCakes118

Files

63e5fce3b6a80662847c69d814244972_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4278c1ff6ab9380add4b6019225c1c96

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowsHookExA
ReleaseDC
CharUpperA
SetMenu
CharLowerA
LoadStringA
ChildWindowFromPointEx
IsChild
CharUpperBuffW
NotifyWinEvent
GetMessagePos
GetDC
GetKeyboardLayout
EnableMenuItem
DestroyMenu
GetUpdateRect
LoadKeyboardLayoutA
DrawCaption
CharLowerBuffW
IsIconic
WindowFromPoint
DispatchMessageA
GetMenu
IsZoomed
CreateWindowExA
GetKeyboardType
RemoveMenu
IsClipboardFormatAvailable
GetClassInfoW
GetKeyNameTextW
ChildWindowFromPoint
SetForegroundWindow
GetWindowTextLengthA
EnableScrollBar
PostMessageA
SetRect
SetMenuItemInfoW
SendMessageW
GetClipboardData
CallNextHookEx
SetClipboardData
IsWindowVisible

gdi32

CreatePenIndirect
SetMapMode
SetTextCharacterExtra
OffsetClipRgn
Polygon
SetStretchBltMode
SetWinMetaFileBits
MaskBlt
SetDIBColorTable
RestoreDC
GetTextExtentPointA
GetTextAlign
GetBkColor
RealizePalette
CreateBitmap
GetStockObject
CreatePalette
CreateFontIndirectA
SetTextColor
GetTextMetricsA

ole32

CoUninitialize
CoDisconnectObject
OleDraw
IsAccelerator

fmifacct

_LNan
_FRteps
_Wcrtomb
_FSnan
_LRteps
_LInf
_LSinh
_LCosh
_Getcoll
_LSnan
_FCosh
_Toupper
_LDtest
_Tolower

kernel32

lstrlenW
SetFileAttributesA
CloseHandle
CreateProcessA
GetLocalTime
GetThreadLocale
UnmapViewOfFile
VirtualQueryEx
CopyFileA
SetLastError
IsValidCodePage
WaitForMultipleObjects
GetLocaleInfoA
GetModuleHandleA
FindResourceA
CompareStringW
FormatMessageA
QueryPerformanceCounter
GetModuleFileNameA
GlobalAddAtomA
GetVolumeInformationA
GetTempPathA
SetFilePointer
LocalAlloc
GetProfileStringA
GetLastError
ReleaseMutex
GlobalLock
GetDiskFreeSpaceA
GetModuleHandleA
GetExitCodeProcess
lstrlenW
GlobalAlloc
GlobalAlloc
TerminateProcess
MapViewOfFile
DeleteFileA
GetUserDefaultLCID
CreateFileMappingW
MultiByteToWideChar

oleaut32

CreateErrorInfo
SysAllocStringLen
SysAllocStringByteLen
VariantCopyInd
SysReAllocStringLen
SafeArrayUnaccessData

comctl32

InitCommonControls
ImageList_GetBkColor
ImageList_Read

urlmon

CoInternetCreateZoneManager

comdlg32

GetSaveFileNameA

shell32

DragQueryPoint
ShellExecuteExA

wininet

HttpOpenRequestA
InternetCombineUrlA

winmm

timeGetTime
PlaySoundA

Sections

.text
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4278c1ff6ab9380add4b6019225c1c96

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ole32

fmifacct

kernel32

oleaut32

comctl32

urlmon

comdlg32

shell32

wininet

winmm

Sections

.text Size: 141KB - Virtual size: 144KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 141KB - Virtual size: 144KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB