7421626d4a902e58f4d9ee876b46a004_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7421626d4a902e58f4d9ee876b46a004_JaffaCakes118
Size

139KB
MD5

7421626d4a902e58f4d9ee876b46a004
SHA1

d9d40d4e83c5a60f9d3cb112d6a442e72ebff87f
SHA256

35df2cdab5d06f3b1b9cdb314f34de74d1f745fb96604dbf25f77f4c8fcff98f
SHA512

ed8e6697f54bcb0ed426241afe58ae80c845b108b6d7c7e5ebddd4f63fd9fcbe654d66bf2d083939998421b5bfb47e5682224179d457bce5cba0bf43e23f596f
SSDEEP

3072:Q+Jj334u3ayYQyMnyxunSkFYmBry1vZecw6asjrR96FDl0:LVHXKyltEunSkFYp1vMcNas2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7421626d4a902e58f4d9ee876b46a004_JaffaCakes118

Files

7421626d4a902e58f4d9ee876b46a004_JaffaCakes118
.exe windows:5 windows x86 arch:x86

55045c93fa7615d627b349c99db0ad74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
GetDateFormatA
GetVersionExA
LeaveCriticalSection
CloseHandle
QueryPerformanceCounter
TerminateProcess
lstrcpyA
SetThreadPriority
GetSystemInfo
lstrcmpA
GetStartupInfoA
GetModuleHandleA
lstrlenW
UnmapViewOfFile
WaitForMultipleObjects
GetCurrentThread
LocalLock
GetFileAttributesA
LoadLibraryA
ResumeThread
VirtualQueryEx
ResetEvent
GetCurrentProcessId
ExitThread
CreateFileMappingA
GetCommandLineA
MapViewOfFileEx
SetThreadAffinityMask
SetLastError
VirtualQuery
MoveFileA
GetWindowsDirectoryA
LocalAlloc
GlobalLock
FormatMessageA
OpenMutexA
CopyFileA
WideCharToMultiByte

user32

SystemParametersInfoA
IntersectRect
SetMenuItemInfoA
CreateIconIndirect
WindowFromPoint
CallWindowProcW
ShowScrollBar
LoadBitmapA
SetKeyboardState
GetMenuStringW
MsgWaitForMultipleObjects
IsWindowEnabled
SetScrollRange
UnregisterClassA
ShowCaret
GetScrollInfo
InsertMenuA
EnumClipboardFormats
SetWindowTextW
SetTimer
DrawIconEx
CallWindowProcA
ClipCursor
DrawMenuBar
MapVirtualKeyW
UnregisterClassW
CreatePopupMenu
InvalidateRect
GetSysColor
FindWindowA
CheckMenuItem
GetWindowTextLengthW
SetPropA
SetRectEmpty
PostMessageA
GetWindowThreadProcessId
CharNextA
LockWindowUpdate
GetForegroundWindow

shell32

ShellExecuteA
SHGetPathFromIDListA

gdi32

Polygon
IntersectClipRect
SetMapMode
GetPaletteEntries
SetRectRgn
GetWindowOrgEx
GetDIBColorTable
Pie
SetPaletteEntries
SetPixel
GetTextMetricsA
StartPage
BitBlt
MaskBlt
SetTextAlign
EndDoc
GetBkColor
GetNearestColor
RectVisible
CreateBitmap

comctl32

ImageList_GetDragImage
ImageList_Draw
ImageList_DragEnter
ImageList_DrawEx

ole2sens

_Getcoll
_Mbrtowc
_Eps
_Stold
_Dnorm
_FSinh

wininet

FtpOpenFileA
InternetErrorDlg

ole32

StringFromCLSID
OleDraw

advapi32

RegDeleteValueA
GetUserNameA
RegDeleteKeyA
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyExA

oleaut32

SafeArrayDestroy
SysFreeString
VariantCopyInd

version

VerQueryValueA

Sections

.text
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55045c93fa7615d627b349c99db0ad74

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

gdi32

comctl32

ole2sens

wininet

ole32

advapi32

oleaut32

version

Sections

.text Size: 115KB - Virtual size: 116KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 17KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 115KB - Virtual size: 116KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB