728bd23190cbc7a569fbff2927d7ddac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

728bd23190cbc7a569fbff2927d7ddac_JaffaCakes118
Size

166KB
MD5

728bd23190cbc7a569fbff2927d7ddac
SHA1

7a40d6e22c447d2836e479297601efc2c71dc2db
SHA256

49bb25df44232cdff249efeda71274064ff058da2cadae95b42b55f79afd9a8f
SHA512

034129f7f19fd0896089cc7034daa28be12be3dfd4f33d8c4bd33b5e310e056ac448a1c2d6f5200c08b0a8907f1f17f9a257c105632648aa473a0a0131ca85e4
SSDEEP

3072:LW+1YR9vL9QaBsXIL7glII/qGoXBEC3lZEO80KjA28S+fukTJms1WC:F1YR1pJmXIYqI/qbBEC3lF8VmShkTJmO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
728bd23190cbc7a569fbff2927d7ddac_JaffaCakes118

Files

728bd23190cbc7a569fbff2927d7ddac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fffb85fdd64bb8b3f8bd92c27a0085d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

user32

ReleaseDC
GetDC
LoadCursorW
CheckMenuItem
GetWindowTextW
GetSysColor
ModifyMenuW
GetParent
GetSystemMetrics
EnableMenuItem
GetMenuCheckMarkDimensions
GetLastActivePopup
GetWindowLongW
MessageBoxW
EnableWindow
LoadBitmapW
IsWindowEnabled
GetSysColorBrush

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GetEnvironmentStringsW
SetFilePointer
HeapCreate
SetStdHandle
VirtualFree
IsBadWritePtr
GetShortPathNameW
HeapSize
SetUnhandledExceptionFilter
GetTickCount
FreeEnvironmentStringsW
GetStringTypeA
SetHandleCount
GetOEMCP
GetCommandLineA
IsBadReadPtr
GetProcessAffinityMask
HeapFree
GetStringTypeW
VirtualAlloc
EnumResourceTypesW
GetSystemTimeAsFileTime
VirtualProtect
HeapAlloc
RtlUnwind
IsBadCodePtr
LCMapStringA
GetEnvironmentStrings
GetFileType
FlushFileBuffers
QueryPerformanceCounter
LCMapStringW
GetSystemInfo
GetFileAttributesA
GetModuleFileNameA
GetCurrentProcessId
GetCurrentProcess
UnhandledExceptionFilter
HeapReAlloc
VirtualQuery
HeapDestroy
GetStdHandle
GetStartupInfoA
TerminateProcess
GetCPInfo
WriteFile
ExitProcess

shell32

SHGetSpecialFolderPathW

gdi32

SetTextColor
TextOutW
SetWindowExtEx
CreateBitmap
Escape
ExtTextOutW
ScaleWindowExtEx
PtVisible
RectVisible
ScaleViewportExtEx
GetDeviceCaps
SetBkColor
OffsetViewportOrgEx
SaveDC
SetMapMode
DeleteObject
SelectObject
DeleteDC
GetClipBox
SetViewportExtEx
RestoreDC
SetViewportOrgEx
GetStockObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathFindExtensionW

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fffb85fdd64bb8b3f8bd92c27a0085d7

Headers

File Characteristics

Imports

advapi32

user32

ole32

kernel32

shell32

gdi32

winspool.drv

shlwapi

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 62KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 62KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 104KB