74d584297fcfd8032a0409342984448a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74d584297fcfd8032a0409342984448a_JaffaCakes118
Size

203KB
MD5

74d584297fcfd8032a0409342984448a
SHA1

022bc6c8b6bfad17a80775aa28d2c86cf96b5d71
SHA256

ca4ee517a60765191c1495a639eeb8e7841d7fb2cd2682747040d30d39b4cae1
SHA512

ac21ec88ed7bfc93e602daebc77524806cf8a98d670dbfb7dc040aa69a6c5d8db600c791ff011ef3e02877ee1fab6225323bac38de34f9c4c0a94e10be55f4e7
SSDEEP

3072:ekbEX0VIIuwzQHGJNhbCiPxV//nDpdVGRB63BVIQLLbTM/w+68uyyB:ekI0bzoGJfTxJteRkVBU/w+680

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74d584297fcfd8032a0409342984448a_JaffaCakes118

Files

74d584297fcfd8032a0409342984448a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cea8ac5ffac3b05654452e7a37cbac4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsUNCW
PathFileExistsW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SetViewportOrgEx
ExtTextOutW
GetTextColor
GetBkColor
GetDeviceCaps
RectVisible
ExtSelectClipRgn
GetMapMode
Escape
ScaleWindowExtEx
ScaleViewportExtEx
DeleteDC
PtVisible
OffsetViewportOrgEx
TextOutW
SelectObject
GetStockObject
SetWindowExtEx
GetRgnBox

advapi32

RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW

user32

CreateWindowExW
SetRect
InvalidateRgn
MessageBeep
SetPropW
GetNextDlgGroupItem
InvalidateRect
CopyAcceleratorTableW
CharUpperW
RegisterWindowMessageW
GetNextDlgTabItem
RemovePropW
CharNextW
GetClassLongW
IsRectEmpty
SendDlgItemMessageA
WinHelpW
GetPropW
GetClassInfoExW
DestroyMenu

ole32

CoRevokeClassObject
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoTaskMemFree
CoCreateInstance
OleUninitialize
CoUninitialize
OleFlushClipboard
CoRegisterMessageFilter
CoInitialize
CoGetClassObject
OleInitialize
OleIsCurrentClipboard
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CLSIDFromString

kernel32

CreateFileW
GetLocaleInfoW
GetCurrentProcessId
GetCurrentDirectoryW
GetCalendarInfoW
FindNextFileW
DeleteFileW
GetThreadContext
GetVersion
GetSystemDefaultLangID
MultiByteToWideChar
LoadLibraryW
SetFileTime
MoveFileW
FindFirstFileW
EnumResourceLanguagesW
CreateDirectoryW
WideCharToMultiByte
EnumResourceNamesA
ConvertDefaultLocale
SetFilePointer
ExitProcess
FindClose
GetFileAttributesW
WriteFile
LocalFileTimeToFileTime
GetModuleFileNameW
ReadFile
lstrcpyW
RemoveDirectoryW
InterlockedDecrement
SystemTimeToFileTime
GetProcAddress

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cea8ac5ffac3b05654452e7a37cbac4

Headers

File Characteristics

Imports

shlwapi

shell32

oleacc

gdi32

advapi32

user32

ole32

kernel32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 86KB - Virtual size: 85KB

.edata Size: 1024B - Virtual size: 216KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 86KB - Virtual size: 85KB

.edata
Size: 1024B - Virtual size: 216KB