71b151dc700fcbd8383e79a19d9b71a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71b151dc700fcbd8383e79a19d9b71a8_JaffaCakes118
Size

182KB
MD5

71b151dc700fcbd8383e79a19d9b71a8
SHA1

14587e59df1630003fa06c3f44f46f8a9dafa310
SHA256

b55159f0c63e37b38675d75bedebc8588624e241c570c48600d24b4da5606196
SHA512

4b406b555b6ff8fac8417c09622bd5fd396102ea5eb0dae607ca461e81232e2dc4c83f29b7994468806b56f177f0cb5e09c548aaf9ad7de1b3dd1042b2ad3edd
SSDEEP

3072:Woh1YKpakavBfJn+c1sFKg4ZPZuYqzKr4by9MnWfq47p0/DGf6gcw:WohaSa7ZfNMFKg4ZPnq6ey91q47O/Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71b151dc700fcbd8383e79a19d9b71a8_JaffaCakes118

Files

71b151dc700fcbd8383e79a19d9b71a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e68f1214a44001a70772fb0a563ad167

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
ScaleWindowExtEx
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RectVisible
SetViewportOrgEx
GetTextColor
GetMapMode
ExtSelectClipRgn
GetStockObject
ExtTextOutW
Escape
PtVisible
ScaleViewportExtEx
TextOutW
GetBkColor
SetWindowExtEx
GetRgnBox

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
PathAppendW

advapi32

RegEnumKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueW
RegSetValueExW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

FindNextFileW
RemoveDirectoryW
WriteFile
InterlockedDecrement
GetCalendarInfoW
GetVersion
SetFilePointer
FindFirstFileW
WideCharToMultiByte
DeleteFileW
LocalFileTimeToFileTime
GetLocaleInfoW
GetThreadContext
GetSystemDefaultLangID
lstrcpyW
GetModuleFileNameW
EnumResourceNamesA
MultiByteToWideChar
LoadLibraryW
ReadFile
FindClose
GetFileAttributesW
ExitProcess
ConvertDefaultLocale
GetCurrentProcessId
EnumResourceLanguagesW
GetCurrentDirectoryW
SetFileTime
SystemTimeToFileTime
CreateFileW
CreateDirectoryW
MoveFileW
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CLSIDFromProgID
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleUninitialize
OleFlushClipboard
CoTaskMemAlloc
OleIsCurrentClipboard
CoTaskMemFree
CoCreateInstance
StgCreateDocfileOnILockBytes
OleInitialize
CoRegisterMessageFilter
CoInitialize
CoGetClassObject
CLSIDFromString

user32

InvalidateRect
GetPropW
SetPropW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
RemovePropW
MessageBeep
GetNextDlgTabItem
SetRect
WinHelpW
CharNextW
GetClassLongW
GetClassInfoExW
SendDlgItemMessageA
CreateWindowExW
RegisterWindowMessageW
CharUpperW
IsRectEmpty
DestroyMenu

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e68f1214a44001a70772fb0a563ad167

Headers

File Characteristics

Imports

gdi32

shlwapi

advapi32

shell32

kernel32

oleacc

ole32

user32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 76KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 372KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 76KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 372KB