66279de9dcd5a13a9b3c69544432be02_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

66279de9dcd5a13a9b3c69544432be02_JaffaCakes118
Size

247KB
MD5

66279de9dcd5a13a9b3c69544432be02
SHA1

97eff056ba71bcf255dadf233d409581d6c8696e
SHA256

1859c82c4c799de6fe8dc50bae59aecb4c2a4f9cdaaa34a632b1942d1f17be0b
SHA512

11d9f25052888eba3b0c76b2c3d260bbd3856ac483de4fac5ad5a7a42076e6de326146aab8354b53f7fba4166c89c1b624da31ce906a7c57847e2ff0713fb7ab
SSDEEP

6144:8QoEmiBVncabrN5c0g7z73+wjul6uLH+o:8QojiBRcabrN56XL5w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66279de9dcd5a13a9b3c69544432be02_JaffaCakes118

Files

66279de9dcd5a13a9b3c69544432be02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdf750ca703447da88bc41c450e1c692

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

BitBlt
GetClipBox
GetBitmapBits
SetTextColor
SetBkMode

kernel32

HeapAlloc
VirtualFree
SetEvent
lstrcpynA
GetDiskFreeSpaceA
ExitThread
GetACP
InitializeCriticalSection
LoadLibraryA
SetHandleCount
GetOEMCP
ExitProcess
GetVersionExA
VirtualAllocEx
GetDateFormatA
VirtualAlloc
GetCommandLineW
GlobalAddAtomA
LocalAlloc
GetVersion
WideCharToMultiByte
GetLastError
GetSystemDefaultLangID
GetThreadLocale
GetEnvironmentStrings
GetCurrentThreadId
GetLocaleInfoA
LoadLibraryExA
GetUserDefaultLCID
SetThreadLocale
GetProcAddress
SizeofResource
GetCommandLineA
GetModuleHandleA
LockResource
IsBadHugeReadPtr
GetStringTypeW
GlobalAlloc
SetFilePointer
GetFileAttributesA
IsBadReadPtr

version

GetFileVersionInfoA

comdlg32

GetSaveFileNameA
FindTextA
GetOpenFileNameA
GetFileTitleA
ChooseColorA

advapi32

RegEnumValueA
RegCreateKeyExA
RegQueryInfoKeyA

ole32

StgOpenStorage
CoCreateInstanceEx
CreateOleAdviseHolder
WriteClassStm
StgCreateDocfileOnILockBytes
PropVariantClear

oleaut32

OleLoadPicture
VariantChangeType
SafeArrayCreate
VariantCopyInd
SysFreeString

user32

DrawIconEx
EnumWindows
CharNextA
CallWindowProcA
CharNextW
GetCursor
DeleteMenu
DefWindowProcA
GetFocus
GetDC
CreateIcon
DestroyIcon
GetCapture
GetDesktopWindow
DrawIcon
GetClassInfoA
GetCursorPos
DefMDIChildProcA
CharToOemA
DestroyMenu
CharLowerA
DrawMenuBar
CallNextHookEx
DispatchMessageA
FindWindowA
AdjustWindowRectEx
ChildWindowFromPoint
DrawEdge
DrawFrameControl

Sections

CODE
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES44
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES93
Size: 1024B - Virtual size: 946B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES50
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES16
Size: 1024B - Virtual size: 1023B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES70
Size: 1024B - Virtual size: 959B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES51
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES20
Size: 1024B - Virtual size: 967B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES08
Size: 1024B - Virtual size: 715B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdf750ca703447da88bc41c450e1c692

Headers

File Characteristics

Imports

gdi32

kernel32

version

comdlg32

advapi32

ole32

oleaut32

user32

Sections

CODE Size: 81KB - Virtual size: 81KB

.data Size: 150KB - Virtual size: 150KB

RES44 Size: 3KB - Virtual size: 2KB

RES93 Size: 1024B - Virtual size: 946B

RES50 Size: 1KB - Virtual size: 1KB

RES16 Size: 1024B - Virtual size: 1023B

RES70 Size: 1024B - Virtual size: 959B

RES51 Size: 1KB - Virtual size: 1KB

RES20 Size: 1024B - Virtual size: 967B

RES08 Size: 1024B - Virtual size: 715B

.rsrc Size: 2KB - Virtual size: 2KB

CODE
Size: 81KB - Virtual size: 81KB

.data
Size: 150KB - Virtual size: 150KB

RES44
Size: 3KB - Virtual size: 2KB

RES93
Size: 1024B - Virtual size: 946B

RES50
Size: 1KB - Virtual size: 1KB

RES16
Size: 1024B - Virtual size: 1023B

RES70
Size: 1024B - Virtual size: 959B

RES51
Size: 1KB - Virtual size: 1KB

RES20
Size: 1024B - Virtual size: 967B

RES08
Size: 1024B - Virtual size: 715B

.rsrc
Size: 2KB - Virtual size: 2KB