72d20f2e39d00036da60d7cca2f43fd3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72d20f2e39d00036da60d7cca2f43fd3_JaffaCakes118
Size

116KB
MD5

72d20f2e39d00036da60d7cca2f43fd3
SHA1

414a1e31d32e5663484980b94d9f7c80e3c81327
SHA256

892a736362e84ee7f7a30ed4e9384c887c8560552ea3dc719baa27a83e35e1e6
SHA512

1d7af11cd86bdbaaa82b8b9e8c87e9cb2a4de1857b9d0ff48ed043f117aa07a15b180fb57798117d8cfd5cb34512c6af0967cd0bfddbe95002c3e3c6e0e9bd1e
SSDEEP

1536:kmXwYx33kHBjTh4abD+murSKvbvZjYDATWhmKv4LDwKgEdP60X9CxwCPJ:kmAYxHkHB3+MurSKzZ2v0pdP60N2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72d20f2e39d00036da60d7cca2f43fd3_JaffaCakes118

Files

72d20f2e39d00036da60d7cca2f43fd3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7976f5b67547b28ba9a38042d12f374

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
RaiseException
GetProcAddress
ExitThread
GetOEMCP
lstrcmpiA
GlobalAlloc
GetLastError
GetVersionExA
GetModuleHandleA
CloseHandle
GetCommandLineA
lstrlenA
ExitProcess
VirtualAlloc

comctl32

ImageList_DragShowNolock

shell32

SHGetDiskFreeSpaceA
SHGetFileInfoA

gdi32

SelectObject

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerInstallFileA

advapi32

RegCreateKeyExA
RegDeleteKeyA

user32

GetClipboardData
DestroyMenu
MapVirtualKeyA
EnableWindow
DestroyWindow
RedrawWindow
EnableMenuItem
GetScrollRange
PostMessageA
ShowWindow
CharUpperBuffA
LoadKeyboardLayoutA
UnhookWindowsHookEx
EnumChildWindows
EnumThreadWindows
PtInRect
CharNextW
MessageBeep
GetMenuItemCount
AdjustWindowRectEx
UnregisterClassA
GetWindowThreadProcessId
EmptyClipboard
GetCursor
GetWindowRect
IsRectEmpty
GetDlgItem
DestroyIcon
GetKeyboardState
ScreenToClient
GetKeyboardType
SetActiveWindow
ShowOwnedPopups
SetWindowLongA
CharToOemA
SetCapture
ActivateKeyboardLayout
SetTimer
GetSysColorBrush
TrackPopupMenu
DrawMenuBar
OffsetRect
GetClassNameA
EqualRect
GetMenu
DefWindowProcA
OpenClipboard
SetMenu
GetScrollPos
IsChild
CharLowerA
LoadIconA
DestroyCursor
SetForegroundWindow
GetFocus
SendMessageW
InsertMenuA
SetWindowPlacement
DrawEdge
IsDialogMessageW
DefMDIChildProcA
SetScrollPos
InsertMenuItemA
GetWindowLongA
GetCursorPos
GetDesktopWindow
CreatePopupMenu
TranslateMessage
WaitMessage
SetWindowsHookExA
SetPropA
GetMessagePos
GetWindowLongW
MessageBoxA
ChildWindowFromPoint
CreateIcon
CallWindowProcA
WindowFromPoint
SetFocus
ReleaseCapture
GetActiveWindow
LoadBitmapA
RemoveMenu
GetSystemMenu
GetClassLongA
SetMenuItemInfoA
CharLowerBuffA
GetClassInfoA
SetScrollInfo
IsZoomed
SetCursor
LoadCursorA
BeginPaint
FillRect
RemovePropA
IntersectRect
SetWindowLongW
GetWindowPlacement

ole32

CoCreateInstanceEx
PropVariantClear

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7976f5b67547b28ba9a38042d12f374

Headers

File Characteristics

Imports

kernel32

comctl32

shell32

gdi32

version

advapi32

user32

ole32

Sections

CODE Size: 28KB - Virtual size: 28KB

.tls Size: 79KB - Virtual size: 79KB

.rdata Size: 4KB - Virtual size: 3KB

DATA Size: 1024B - Virtual size: 932B

BSS Size: 2KB - Virtual size: 1KB

CODE
Size: 28KB - Virtual size: 28KB

.tls
Size: 79KB - Virtual size: 79KB

.rdata
Size: 4KB - Virtual size: 3KB

DATA
Size: 1024B - Virtual size: 932B

BSS
Size: 2KB - Virtual size: 1KB