81ca2049b15cf9a9e9c3bf96ee35e53e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

81ca2049b15cf9a9e9c3bf96ee35e53e_JaffaCakes118
Size

192KB
MD5

81ca2049b15cf9a9e9c3bf96ee35e53e
SHA1

4763479e6b46e2ac26db1b642b972e4b8cd6a006
SHA256

93e4d21003f5aea98d1712a1a911e95b8ff3b27a5795783099a4c6d2c06fe74b
SHA512

0a24911ab2a3216339037669529900910daee0a199bc3a5f0aeed6cf1033e6fbd77ff1af4cbec9d3ac82fa2f11df914ce3f2142200a739566b8c491c74613737
SSDEEP

3072:SSDA9TNM2PEakZrGshz7BKLebz2AW/sMrT5lky686da:S0sTNM2PK3WLbsEc86

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81ca2049b15cf9a9e9c3bf96ee35e53e_JaffaCakes118

Files

81ca2049b15cf9a9e9c3bf96ee35e53e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d26567df0e1c690e66fc31d6e43fd8a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassInfoExW
SetPropW
GetClassLongW
GetNextDlgGroupItem
CopyAcceleratorTableW
CharNextW
CreateWindowExW
WinHelpW
SendDlgItemMessageA
IsRectEmpty
CharUpperW
MessageBeep
RegisterWindowMessageW
SetRect
RemovePropW
InvalidateRect
GetPropW
GetNextDlgTabItem
InvalidateRgn
DestroyMenu

gdi32

ScaleWindowExtEx
GetBkColor
ScaleViewportExtEx
OffsetViewportOrgEx
GetStockObject
SetViewportOrgEx
SelectObject
RectVisible
GetDeviceCaps
GetTextColor
SetWindowExtEx
TextOutW
ExtSelectClipRgn
ExtTextOutW
DeleteDC
PtVisible
GetMapMode
Escape
GetRgnBox

kernel32

MoveFileW
LocalFileTimeToFileTime
GetCalendarInfoW
WideCharToMultiByte
ReadFile
LoadLibraryW
MultiByteToWideChar
DeleteFileW
GetThreadContext
ConvertDefaultLocale
GetCurrentDirectoryW
WriteFile
lstrcpyW
SetFilePointer
EnumResourceLanguagesW
GetCurrentProcessId
SetFileTime
CreateFileW
SystemTimeToFileTime
EnumResourceNamesA
InterlockedDecrement
GetFileAttributesW
ExitProcess
GetModuleFileNameW
GetSystemDefaultLangID
RemoveDirectoryW
CreateDirectoryW
FindNextFileW
GetLocaleInfoW
FindFirstFileW
GetVersion
FindClose
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
OleIsCurrentClipboard
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleUninitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
CoInitialize
StgCreateDocfileOnILockBytes
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
OleInitialize
OleFlushClipboard
CoUninitialize
CoRevokeClassObject
CLSIDFromString

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegQueryValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d26567df0e1c690e66fc31d6e43fd8a3

Headers

File Characteristics

Imports

user32

gdi32

kernel32

oleacc

shlwapi

shell32

ole32

advapi32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 75KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 75KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 116KB