71ee8cedb271e766f30a9de52140cf21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71ee8cedb271e766f30a9de52140cf21_JaffaCakes118
Size

111KB
MD5

71ee8cedb271e766f30a9de52140cf21
SHA1

1bf963374291acbb01559b11c3cc7cbcf39137b4
SHA256

d8614b61b767e2250a3f797565796568cc3a03912b23b2fafb1069c7f92e1484
SHA512

fcc3bf2e73343e2b83dff226e0fd6cea45016e2e65edfab4cc0599c833cc832e22ad8719b76d522d556f5cab863753c5e10c56582968cfe075b2e3b88ea67663
SSDEEP

3072:Q9h5kxIxaDMqqDa/fjTUk/0T8jrjgDlFCyAr:UC6xawqqDGf/P8gUSyI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71ee8cedb271e766f30a9de52140cf21_JaffaCakes118

Files

71ee8cedb271e766f30a9de52140cf21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c1d3490bf6da04b4fcb43328affaa2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

fread
fseek
memset
ftell
free
fclose
fwrite
malloc
memcmp
wcschr
wcsstr
_wcsdup
wcslen
wcsrchr
wcscspn
_ultoa
_fdopen
_open_osfhandle
wcscmp
iswalpha
_wcsnicmp
fgetc
wcstok
memcpy

kernel32

GetVersionExA
SearchPathW
GetFileAttributesW
lstrlenW
lstrcpyW
lstrcatW
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
GlobalAlloc
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
CloseHandle
SetFileTime
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemDirectoryW
GetWindowsDirectoryW
GetTempPathW
lstrcmpW
Sleep
GetModuleFileNameW
IsDBCSLeadByte
GetModuleHandleA
FormatMessageW
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GetSystemInfo
GetCurrentThreadId
FindClose
FindNextFileW
FindFirstFileW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
GetExitCodeThread
WaitForSingleObject
CreateThread
CompareFileTime
GetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetExitCodeProcess
CreateProcessW
GetShortPathNameW
lstrcmpiW
GetCommandLineW
LocalFree
ExitProcess
lstrlenA
GlobalLock

user32

DestroyIcon
wsprintfW
SendMessageA
UpdateWindow
ShowWindow
CreateDialogParamA
SetWindowPos
CreateWindowExA
PostQuitMessage
DestroyWindow
GetDlgItemTextA
InvalidateRect
MessageBoxW
DispatchMessageA
TranslateMessage
IsDialogMessageA
CallWindowProcW
UnhookWindowsHookEx
SetWindowTextW
PostMessageW
CallNextHookEx
CheckDlgButton
GetParent
SetWindowsHookExA
CreateWindowExW
GetDesktopWindow
GetSystemMetrics
ReleaseDC
GetDC
MessageBeep
GetMessageA
FindWindowW
WaitForInputIdle
GetWindowLongW
SetWindowLongW
GetDlgItem
SetDlgItemTextW
IsWindow
GetWindowTextW
PeekMessageA
GetWindowRect
GetDlgItemTextW
IsDlgButtonChecked
DialogBoxParamA
SendMessageW
LoadStringW
LoadStringA
MessageBoxA
GetKeyState
EndDialog

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW

ole32

CoTaskMemFree

comctl32

ord17

gdi32

GetTextExtentPoint32W
SelectObject

mpr

WNetEnumResourceW
WNetOpenEnumW
WNetCloseEnum

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c1d3490bf6da04b4fcb43328affaa2b

Headers

File Characteristics

Imports

crtdll

kernel32

user32

shell32

ole32

comctl32

gdi32

mpr

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 28KB - Virtual size: 27KB